← ExploitWatch
HomeExploited Vulnerabilities

CVE-2023-2868 — Actively Exploited: Email Security Gateway (ESG) Appliance (Barracuda Networks)

Barracuda Email Security Gateway (ESG) appliance contains an improper input validation vulnerability of a user-supplied .tar file, leading to remote command injection.

CVE IDCVE-2023-2868
VendorBarracuda Networks
ProductEmail Security Gateway (ESG) Appliance
Vulnerability nameBarracuda Networks ESG Appliance Improper Input Validation Vulnerability
Date added2023-05-26
Remediation due2023-06-16
Known ransomware useUnknown
Required actionApply updates per vendor instructions.
DescriptionBarracuda Email Security Gateway (ESG) appliance contains an improper input validation vulnerability of a user-supplied .tar file, leading to remote command injection.
SourceCISA Known Exploited Vulnerabilities

🔍 Search all exploited vulnerabilities →