Barracuda.imgpl.Command.Execution

description-logoDescription

The script img.pl in the Barracuda Spam Firewall is vulnerable to a remote arbitrary command execution attack. An attacker can supply arbitrary commands to the web interface of the device and they will be executed within the context of the server.

affected-products-logoAffected Products

Barracuda Networks Barracuda Spam Firewall 3.1.17 firmware.

Impact logoImpact

The execution of arbitrary code on the system.

recomended-action-logoRecommended Actions

Apply appropriate patch from the vendor or upgrade to non-vulnerable version if available.

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)