Sunday, November 19, 2017
Home / Security / Exploits / Barracuda Networks Vulnerable to File upload and 3 DOM based XSS Vulnerabilities

Barracuda Networks Vulnerable to File upload and 3 DOM based XSS Vulnerabilities

@SuperSl1nk has announced yesterday via Twitter that he has found a couple vulnerabliities in Barracuda’s official site.

He announced this new via a Tweet, which you can view below:

https://twitter.com/SuperSl1nk/status/295103333939695616

In the tweet he included a Pastebin link with urls to the vulnerabilities and an image.  

Here is a small snippet of the Pastebin post, which also included Barracuda’s subnets and all their IPs.

Industrial espionage is wrong, this is a warning. The information we hold could close your business. If you do not remove the backdoor all your other products. We will make public your information.
 Vulnerability of your Website: XSS DOM Based, Upload.
 FileUpload Forms: [+] https://www.barracudanetworks.com/support/malware_submission/virus
[+] https://www.barracudanetworks.com/support/malware_submission/spyware
 XSS DOM Based:
[+] http://imgur.com/p2z6Ery,AdffzmI,nWuSe8c
 DNS Servers for barracudanetworks.com: ns2.p23.dynect.net ns3.p23.dynect.net ns1.p23.dynect.net ns4.p23.dynect.net ** Found 90444178360.barracudanetworks.com at 64.235.144.254.

About FastFlux

Owner of ZeroSecurity, interested in programming, malware analysis and penetration testing. If you would like to write for the ZeroSecurity team, please use the contact form above.

Check Also

Amazon hacked – hacker leaks 80,000 login credentials

A hacker going by the name 0x2Taylor has said to have breached the servers of …