Intrusion Prevention



The script in the Barracuda Spam Firewall is vulnerable to a remote arbitrary command execution attack. An attacker can supply arbitrary commands to the web interface of the device and they will be executed within the context of the server.

Affected Products

Barracuda Networks Barracuda Spam Firewall 3.1.17 firmware.


The execution of arbitrary code on the system.

Recommended Actions

Apply appropriate patch from the vendor or upgrade to non-vulnerable version if available.

CVE References

CVE-2005-2848 CVE-2005-2847