CVE-2023-2868 — Actively Exploited: Email Security Gateway (ESG) Appliance (Barracuda Networks)
Barracuda Email Security Gateway (ESG) appliance contains an improper input validation vulnerability of a user-supplied .tar file, leading to remote command injection.
| CVE ID | CVE-2023-2868 |
|---|---|
| Vendor | Barracuda Networks |
| Product | Email Security Gateway (ESG) Appliance |
| Vulnerability name | Barracuda Networks ESG Appliance Improper Input Validation Vulnerability |
| Date added | 2023-05-26 |
| Remediation due | 2023-06-16 |
| Known ransomware use | Unknown |
| Required action | Apply updates per vendor instructions. |
| Description | Barracuda Email Security Gateway (ESG) appliance contains an improper input validation vulnerability of a user-supplied .tar file, leading to remote command injection. |
| Source | CISA Known Exploited Vulnerabilities |
🔍 Search all exploited vulnerabilities →
$1499/mo
Try ExploitWatch →