Hillstone Networks

'; } else{ echo ''; } echo 'Hillstone Networks'; } elseif ($_SERVER[HTTP_HOST] == "update1.huaantech.com.cn") { echo ''; echo 'huaantech'; } elseif ($_SERVER[HTTP_HOST] == "update1.dcnetworks.com.cn") { echo ''; echo 'dcnetworks'; } elseif ($_SERVER[HTTP_HOST] == "update1.w-ibeda.com") { if (false===strpos($_SERVER[REQUEST_URI],"/en/")) echo ''; else echo ''; echo 'w-ibeda'; } elseif ($_SERVER[HTTP_HOST] == "update1.hp-telecom.com") { echo ''; echo 'hp-telecom'; } elseif ($_SERVER[HTTP_HOST] == "update1.maipu.com") { echo ''; echo 'Maipu'; } elseif ($_SERVER[HTTP_HOST] == "update1.ncurity.com") { echo ''; echo 'Ncurity'; } elseif ($_SERVER[HTTP_HOST] == "update1.socusnetwork.com") { echo ''; echo 'Socusnetwork'; } else{ echo ''; echo 'Hillstone Networks'; } ?>

RULE（RULE ID：339386）

Rule General Information


Release Date:		2025-08-19

Rule Name:		Bianque Medical System GetLyfsByParams SQL Injection Vulnerability

Severity:

CVE ID:

Rule Protection Details


Description:		The Bianque medical system has an SQL injection vulnerability. This vulnerability is due to the fact that the GetLyfsByParams interface of the system does not effectively filter user input, allowing malicious attackers to concatenate strings for SQL injection.

Impact:		An attacker can inject arbitrary sql commands to view or change the database of the target by exploiting the vulnerability successfully.

Affected OS:		Windows, Linux, Others

Reference:

Solutions

Please contact the software vendor to update the software patch.