GCVE - cpe:2.3:o:barracuda:t93a_firmware:8.3.1:-:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:o:barracuda:t93a_firmware:8.3.1:-:*:*:*:*:*:*

part: o version: 8.3.1 update: -

Vendor	Barracuda (`e0123b87-3b17-55c2-9356-13686d24ca66`)
Product	T93A Firmware (`7ccadf9a-9e29-5107-ac7d-9119533d53bd`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from NVD CPE 2.0 feed

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2023-26213`	vulnerable	2026-06-03 14:50:58.638673	Details available On Barracuda CloudGen WAN Private Edge Gateway devices before 8 webui-sdwan-1089-8.3.1-174141891, an OS command injection vulnerability exists in /ajax/update_certificate - a crafted HTTP request allows an authenticated attacker to execute arbitrary commands. For example, a name field can contain :password and a password field can contain shell metacharacters. Published: 2023-03-03T00:00:00.000Z Updated: 2025-03-07T15:55:49.918Z Open on db.gcve.eu Reference links https://www.barracuda.com/products/network-security/cloudgen-wan http://seclists.org/fulldisclosure/2023/Mar/2 https://sec-consult.com/vulnerability-lab/advisory/os-command-injection-in-barracuda-cloudgen-wan/ https://campus.barracuda.com/product/cloudgenwan/doc/96024723/release-notes-8-3-1/	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.