Vulnerability CVE-2023-7102


Published: 2023-12-24

Description:
Use of a Third Party library produced a vulnerability in Barracuda Networks Inc. Barracuda ESG Appliance which allowed Parameter Injection.This issue affected Barracuda ESG Appliance, from 5.1.3.001 through 9.2.1.001, until Barracuda removed the vulnerable logic.

 References:
https://www.barracuda.com/company/legal/esg-vulnerability
https://www.cve.org/CVERecord?id=CVE-2023-7101
https://metacpan.org/dist/Spreadsheet-ParseExcel
https://github.com/haile01/perl_spreadsheet_excel_rce_poc
https://github.com/jmcnamara/spreadsheet-parseexcel/blob/c7298592e102a375d43150cd002feed806557c15/lib/Spreadsheet/ParseExcel/Utility.pm#L171
https://github.com/mandiant/Vulnerability-Disclosures/blob/master/2023/MNDT-2023-0019.md

Copyright 2026, cxsecurity.com

 

Back to Top