Update #3820 - (06/27/2025)

New Signatures

Signature Name	Severity	Description
HTTP:CTS:IVANTI-ENDPNT-MNG-INSC	major	This signature detects attempts to exploit a known vulnerability against Ivanti. A successful attack can lead to arbitrary code execution
HTTP:CTS:FRTNET-CERT-FRMT-STRNG	major	This signature detects attempts to exploit a known vulnerability against Fortinet. A successful attack can lead to arbitrary code execution.
HTTP:CTS:RUBYSAML-XML-AUTHBYPAS	minor	This signature detects attempts to exploit a known vulnerability against Ruby-Saml. A successful attack can lead to security bypass.
HTTP:COLDFUSION:CVE2025-30287	major	This signature detects attempts to exploit a known vulnerability against Adobe ColdFusion. A successful attack can lead to security bypass.
HTTP:STC:CVE-2025-43574-UAF	major	This signature detects attempts to exploit a known vulnerability against Adobe. A successful attack can lead to arbitrary code execution.
HTTP:DIR:SMSNG-MINFO9	major	This signature detects attempts to exploit a known vulnerability against Samsung MagicINFO. A successful attack can lead to directory traversal and arbitrary code execution.
HTTP:CTS:CVE-2025-30283-BYP	major	This signature detects attempts to exploit a known vulnerability against Adobe Coldfusion. A successful attack can lead to security bypass.
HTTP:COLDFUSION:CVE-2025-30281	major	This signature detects attempts to exploit a known vulnerability against Adobe Coldfusion. A successful attack can lead to arbitrary code execution.
HTTP:STC:ADOBE:CVE-2025-47112OB	major	This signature detects attempts to exploit a known vulnerability against Adobe Acrobat Reader. A successful attack can lead to arbitrary code execution.
HTTP:STC:ADOBE:CVE2025-43577UAF	major	This signature detects attempts to exploit a known vulnerability against Adobe Acrobat Reader. A successful attack can lead to arbitrary code execution.
HTTP:STC:ADOBE:CVE2025-43576-UF	major	This signature detects attempts to exploit a known vulnerability against Adobe Acrobat Reader. A successful attack can lead to arbitrary code execution.
HTTP:CTS:WRDPRS-KUBIOAI-LFI	major	This signature detects attempts to exploit a known vulnerability against WordPress Kubio AI Page Builder Plugin template. A successful attack can lead to Remote file inclusion.

Updated Signatures

Signature Name	Severity	Description
HTTP:CTS:IVANTI-CLOUD-CMD-INJ	major	This signature detects attempts to exploit a known vulnerability against Ivanti Cloud Service Appliance. A successful attack can lead to command injection and arbitrary code execution.
HTTP:CTS:PAPERCUT-AUTH-RCE	major	This signature detects attempts to exploit a known vulnerability against PaperCut NG. A successful attack can lead to arbitrary code execution.
APP:PPTP:WIN-P2P-USE-AFTR-FREE	critical	This signature detects attempts to exploit a known vulnerability against Windows PPTP Protocol. A successful attack can lead to arbitrary code execution.
HTTP:CTS:FORTINET-FWEB-CMD-INJ	critical	This signature detects attempts to exploit a known vulnerability against Fortinet. A successful attack can lead to arbitrary code execution.
HTTP:CTS:ADOBE-COMM-MGNTO-XXE	major	This signature detects attempts to exploit a known vulnerability against Adobe Commerce and Magento. A successful attack can lead to arbitrary code execution.