Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
barracuda vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2023-7102
Use of a Third Party library produced a vulnerability in Barracuda Networks Inc. Barracuda ESG Appliance which allowed Parameter Injection.This issue affected Barracuda ESG Appliance, from 5.1.3.001 up to and including 9.2.1.001, until Barracuda removed the vulnerable logic.
Barracuda Email Security Gateway 300 Firmware
Barracuda Email Security Gateway 400 Firmware
Barracuda Email Security Gateway 600 Firmware
Barracuda Email Security Gateway 800 Firmware
Barracuda Email Security Gateway 900 Firmware
1 Github repository
1 Article
9.8
CVSSv3
CVE-2023-2868
A remote command injection vulnerability exists in the Barracuda Email Security Gateway (appliance form factor only) product effecting versions 5.1.3.001-9.2.0.006. The vulnerability arises out of a failure to comprehensively sanitize the processing of .tar file (tape archives). ...
Barracuda Email Security Gateway 300 Firmware
Barracuda Email Security Gateway 400 Firmware
Barracuda Email Security Gateway 600 Firmware
Barracuda Email Security Gateway 800 Firmware
Barracuda Email Security Gateway 900 Firmware
1 Github repository
7 Articles
9.8
CVSSv3
CVE-2014-2595
Barracuda Web Application Firewall (WAF) 7.8.1.013 allows remote malicious users to bypass authentication by leveraging a permanent authentication token obtained from a query string.
Barracuda Web Application Firewall 7.8.1.013
1 EDB exploit
9.8
CVSSv3
CVE-2014-8428
Privilege escalation vulnerability in Barracuda Load Balancer 5.0.0.015 via the use of an improperly protected SSH key.
Barracuda Load Balancer 5.0.0.015
9.8
CVSSv3
CVE-2014-8426
Hard coded weak credentials in Barracuda Load Balancer 5.0.0.015.
Barracuda Load Balancer 5.0.0.015
8.8
CVSSv3
CVE-2017-6320
A remote command injection vulnerability exists in the Barracuda Load Balancer product line (confirmed on v5.4.0.004 (2015-11-26) and v6.0.1.006 (2016-08-19); fixed in 6.1.0.003 (2017-01-17)) in which an authenticated user can execute arbitrary shell commands and gain root privil...
Barracuda Load Balancer Adc
1 EDB exploit
7.8
CVSSv3
CVE-2021-42711
Barracuda Network Access Client prior to 5.2.2 creates a Temporary File in a Directory with Insecure Permissions. This file is executed with SYSTEM privileges when an unprivileged user performs a repair operation.
Barracuda Network Access Client
7.8
CVSSv3
CVE-2019-6724
The barracudavpn component of the Barracuda VPN Client prior to version 5.0.2.7 for Linux, macOS, and OpenBSD runs as a privileged process and can allow an unprivileged local malicious user to load a malicious library, resulting in arbitrary code executing as root.
Barracuda Vpn Client
7.2
CVSSv3
CVE-2023-26213
On Barracuda CloudGen WAN Private Edge Gateway devices prior to 8 webui-sdwan-1089-8.3.1-174141891, an OS command injection vulnerability exists in /ajax/update_certificate - a crafted HTTP request allows an authenticated malicious user to execute arbitrary commands. For example,...
Barracuda T100b Firmware 8.3.1
Barracuda T200c Firmware 8.3.1
Barracuda T400c Firmware 8.3.1
Barracuda T600d Firmware 8.3.1
Barracuda T900b Firmware 8.3.1
Barracuda T93a Firmware 8.3.1
Barracuda T193a Firmware 8.3.1
6.5
CVSSv3
CVE-2019-5648
Authenticated, administrative access to a Barracuda Load Balancer ADC running unpatched firmware <= v6.4 allows one to edit the LDAP service configuration of the balancer and change the LDAP server to an attacker-controlled system, without having to re-enter LDAP credentials. ...
Barracuda Load Balancer Adc Firmware
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27842
CVE-2024-30657
CVE-2024-4534
hardcoded
SSRF
CVE-2024-21683
CVE-2024-5364
file upload
CVE-2024-5371
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
NEXT »