CVE-2023-2868

Barracuda Networks ESG Appliance Improper Input Validation Vulnerability

Barracuda Email Security Gateway (ESG) appliance contains an improper input validation vulnerability of a user-supplied .tar file, leading to remote command injection. Vendor/Product: Barracuda Networks Email Security Gateway (ESG) Appliance. Added to CISA KEV 2023-05-26; required action: Apply updates per vendor instructions.

Category: Vulnerability, Known Exploited

Reference: NVD CVE-2023-2868