CVE-2023-2868
Barracuda Networks ESG Appliance Improper Input Validation Vulnerability
CVSS
—
No CVSS
EPSS
87.0%
p100
KEV
YES
May 26, 2023
Exploit Today
80
0-100
Published: — · Last modified: —
Product
Barracuda Networks / Email Security Gateway (ESG) Appliance
Vulnerability
Barracuda Networks ESG Appliance Improper Input Validation Vulnerability
Added to KEV
May 26, 2023
Remediate by
Jun 16, 2023
Known ransomware use
No
Summary description
Barracuda Email Security Gateway (ESG) appliance contains an improper input validation vulnerability of a user-supplied .tar file, leading to remote command injection.
Required action
Apply updates per vendor instructions.
Notes
https://status.barracuda.com/incidents/34kx82j5n4q9; https://nvd.nist.gov/vuln/detail/CVE-2023-2868
No related CVEs by CWE or product.