Known Vulnerabilities for products from Barracuda
Listed below are 12 of the newest known vulnerabilities associated with the vendor "Barracuda".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Additional devices specifications by Barracuda can be found at device.report : Barracuda
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-43487 json | Not Provided | 2026-05-13 | 2026-05-13 | |
| CVE-2026-22676 json | Not Provided | 2026-04-15 | 2026-04-16 | |
| CVE-2023-26213 json | On Barracuda CloudGen WAN Private Edge Gateway devices before 8 webui-sdwan-1089-8.3.1-174141891, an OS command injection vul... | 7.2 - HIGH | 2023-03-03 | 2023-03-10 |
| CVE-2023-2868 json | A remote command injection vulnerability exists in the Barracuda Email Security Gateway (appliance form factor only) product ... | 9.8 - CRITICAL | 2023-05-24 | 2023-06-01 |
| CVE-2021-42711 json | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 7.8 - HIGH | 2021-12-01 | 2021-12-03 |
| CVE-2019-6724 json | The barracudavpn component of the Barracuda VPN Client prior to version 5.0.2.7 for Linux, macOS, and OpenBSD runs as a privi... | 7.8 - HIGH | 2019-03-21 | 2020-08-24 |
| CVE-2019-5648 json | Authenticated, administrative access to a Barracuda Load Balancer ADC running unpatched firmware <= v6.4 allows one to edit t... | 6.5 - MEDIUM | 2020-03-12 | 2020-03-12 |
| CVE-2018-20369 json | Barracuda Message Archiver 2018 has XSS in the error_msg exception-handling value for the ldap_user parameter to the cgi-mod/... | 6.1 - MEDIUM | 2018-12-23 | 2019-01-15 |
| CVE-2017-6320 json | A remote command injection vulnerability exists in the Barracuda Load Balancer product line (confirmed on v5.4.0.004 (2015-11... | Not Provided | 2017-07-18 | 2025-04-20 |
| CVE-2015-0962 json | Barracuda Web Filter 7.x and 8.x before 8.1.0.005, when SSL Inspection is enabled, uses the same root Certification Authority... | Not Provided | 2015-05-25 | 2026-05-06 |
| CVE-2015-0961 json | Barracuda Web Filter before 8.1.0.005, when SSL Inspection is enabled, does not verify X.509 certificates from upstream SSL s... | Not Provided | 2015-05-25 | 2026-05-06 |
| CVE-2014-8428 json | Privilege escalation vulnerability in Barracuda Load Balancer 5.0.0.015 via the use of an improperly protected SSH key. | 9.8 - CRITICAL | 2017-08-28 | 2017-09-01 |
| CVE-2014-8426 json | Hard coded weak credentials in Barracuda Load Balancer 5.0.0.015. | 9.8 - CRITICAL | 2017-08-28 | 2017-09-01 |
| CVE-2014-2595 json | Barracuda Web Application Firewall (WAF) 7.8.1.013 allows remote attackers to bypass authentication by leveraging a permanent... | 9.8 - CRITICAL | 2020-02-12 | 2020-02-20 |
Known software with vulnerabilities from Barracuda
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Barracuda | Load Balancer | 5.0.0.015 |
| Hardware | Barracuda | Load Balancer Adc | - |
| Application | Barracuda | Load Balancer Adc | 5.2.0.004 |
| Operating System | Barracuda | Load Balancer Adc Firmware | 6.2.0.005 |
| Application | Barracuda | Message Archiver | 2018 |
| Application | Barracuda | Vpn Client | 5.0 |
| Application | Barracuda | Web Application Firewall | 7.8.1.013 |
| Application | Barracuda | Web Filter | 7.0 |
| Application | Barracuda | Yosemite Server Backup | 8.8.3 |