Barracuda Networks Barracuda Spam Firewall — known CVE vulnerabilities
Every CVE whose affected-product data names Barracuda Networks Barracuda Spam Firewall, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (13)
CVE-2007-1673 — CVSS 7.8 (high): unzoo.c, as used in multiple products including AMaViS 2.4.1 and earlier, allows remote attackers to cause a denial of service (infinite…
CVE-2005-2847 — CVSS 7.5 (high): img.pl in Barracuda Spam Firewall running firmware 3.1.16 and 3.1.17 allows remote attackers to execute arbitrary commands via shell…
CVE-2005-0431 — CVSS 7.5 (high): Barracuda Spam Firewall 3.1.10 and earlier does not restrict the domains that white-listed domains can send mail to, which allows members…
CVE-2006-4001 — CVSS 7.5 (high): Login.pm in Barracuda Spam Firewall (BSF) 3.3.01.001 through 3.3.03.053 contains a hard-coded password for the guest account, which allows…
CVE-2006-4081 — CVSS 7.5 (high): preview_email.cgi in Barracuda Spam Firewall (BSF) 3.3.01.001 through 3.3.03.053 allows remote attackers to execute commands via shell…
CVE-2006-4082 — CVSS 7.2 (high): Barracuda Spam Firewall (BSF), possibly 3.3.03.053, contains a hardcoded password for the admin account for logins from 127.0.0.1…
CVE-2008-1094 — CVSS 6.5 (medium): SQL injection vulnerability in index.cgi in the Account View page in Barracuda Spam Firewall (BSF) before 3.5.12.007 allows remote…
CVE-2005-2849 — CVSS 6.4 (medium): Argument injection vulnerability in Barracuda Spam Firewall running firmware 3.1.16 and 3.1.17 allows remote attackers to (1) read portions…
CVE-2005-2848 — CVSS 5.0 (medium): Directory traversal vulnerability in img.pl in Barracuda Spam Firewall running firmware 3.1.16 and 3.1.17 allows remote attackers to read…
CVE-2007-5058 — CVSS 4.3 (medium): Cross-site scripting (XSS) vulnerability in the Web administration interface in Barracuda Spam Firewall before firmware 3.5.10.016 allows…
CVE-2008-2333 — CVSS 4.3 (medium): Cross-site scripting (XSS) vulnerability in ldap_test.cgi in Barracuda Spam Firewall (BSF) before 3.5.11.025 allows remote attackers to…
CVE-2006-4000 — CVSS 4.0 (medium): Directory traversal vulnerability in cgi-bin/preview_email.cgi in Barracuda Spam Firewall (BSF) 3.3.01.001 through 3.3.03.053 allows remote…
CVE-2008-0971 — CVSS 3.5 (low): Multiple cross-site scripting (XSS) vulnerabilities in index.cgi in Barracuda Spam Firewall (BSF) before 3.5.12.007, Message Archiver…