CVE-2023-2868

critical-risk
Published 2023-05-24

A remote command injection vulnerability exists in the Barracuda Email Security Gateway (appliance form factor only) product effecting versions 5.1.3.001-9.2.0.006. The vulnerability arises out of a failure to comprehensively sanitize the processing of .tar file (tape archives). The vulnerability stems from incomplete input validation of a user-supplied .tar file as it pertains to the names of the files contained within the archive. As a consequence, a remote attacker can specifically format these file names in a particular manner that will result in remotely executing a system command through Perl's qx operator with the privileges of the Email Security Gateway product. This issue was fixed as part of BNSF-36456 patch. This patch was automatically applied to all customer appliances.

Do I need to act?

!
90.9% chance of exploitation in next 30 days
EPSS score — higher than 9% of all CVEs
!
CISA KEV: actively exploited in the wild
On the Known Exploited Vulnerabilities catalog — federal agencies must patch
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
9
CVSS 9.4/10 Critical
NETWORK / LOW complexity

Affected Products (5)

Affected Vendors

Barracuda

References (5)

Vendor Advisory https://status.barracuda.com/incidents/34kx82j5n4q9
Mitigation https://www.barracuda.com/company/legal/esg-vulnerability
Vendor Advisory https://status.barracuda.com/incidents/34kx82j5n4q9
Mitigation https://www.barracuda.com/company/legal/esg-vulnerability
US Government Resource https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2023-...
70
/ 100
critical-risk
Severity 31/34 · Critical
Exploitability 27/34 · High
Exposure 12/34 · Low