The recent discovery of a zero-day vulnerability (CVE-2023-2868) in Barracuda Networks Email Security Gateway (ESG) appliances has raised significant concern. CVE-2023-2868 is a remote command injection vulnerability that allows unauthorized execution of system commands with administrator privileges on Barracuda ESG appliances. It affects ESG versions 5.1.3.001-9.2.0.006 in the appliance form factor.

The vulnerability is exploited during the email attachment screening process. Cyber actors can format TAR file attachments in a specific manner and send them to an email address linked to a domain with an ESG appliance. The malicious attachment triggers a command injection, allowing commands to be executed on the ESG with the appliance's privileges.
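For triage of quarantined mail, the following added example (not code from Barracuda or from the original article) lists TAR member names that contain shell metacharacters, reading headers only and extracting nothing. It assumes the injection is carried in the names of files inside the archive, which is how Barracuda's advisory describes the flaw; the deny-list and the helper names are illustrative choices.

```python
import io
import re
import tarfile

# Characters a shell treats as command substitution, chaining or redirection.
# Assumption: a conservative deny-list for triage; tune it for your mail flow.
SHELL_META = re.compile(r"[`$;|&<>\n\r]")


def suspicious_members(tar_bytes):
    """Return member names in a TAR attachment that contain shell metacharacters."""
    flagged = []
    try:
        with tarfile.open(fileobj=io.BytesIO(tar_bytes), mode="r:*") as tf:
            for member in tf:  # iterates headers only; nothing is extracted
                if SHELL_META.search(member.name):
                    flagged.append(member.name)
    except tarfile.TarError:
        # A malformed archive sent to a mail gateway deserves review as well.
        flagged.append("<unparseable archive>")
    return flagged


def build_sample_tar(names):
    """Constructed sample input: an in-memory TAR holding empty members."""
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w") as tf:
        for name in names:
            tf.addfile(tarfile.TarInfo(name=name), io.BytesIO(b""))
    return buf.getvalue()


if __name__ == "__main__":
    # Constructed attachment: one ordinary name, one with backticks in it.
    sample = build_sample_tar(["report.pdf", "notes`example`.txt"])
    for name in suspicious_members(sample):
        print("flag for review:", repr(name))
```

Legitimate file names can contain some of these characters, so a hit is a signal for review alongside other indicators, not a verdict on its own.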
Source: GBHackers