Hillstone Networks

'; } else{ echo ''; } echo 'Hillstone Networks'; } elseif ($_SERVER[HTTP_HOST] == "update1.huaantech.com.cn") { echo ''; echo 'huaantech'; } elseif ($_SERVER[HTTP_HOST] == "update1.dcnetworks.com.cn") { echo ''; echo 'dcnetworks'; } elseif ($_SERVER[HTTP_HOST] == "update1.w-ibeda.com") { if (false===strpos($_SERVER[REQUEST_URI],"/en/")) echo ''; else echo ''; echo 'w-ibeda'; } elseif ($_SERVER[HTTP_HOST] == "update1.hp-telecom.com") { echo ''; echo 'hp-telecom'; } elseif ($_SERVER[HTTP_HOST] == "update1.maipu.com") { echo ''; echo 'Maipu'; } elseif ($_SERVER[HTTP_HOST] == "update1.ncurity.com") { echo ''; echo 'Ncurity'; } elseif ($_SERVER[HTTP_HOST] == "update1.socusnetwork.com") { echo ''; echo 'Socusnetwork'; } else{ echo ''; echo 'Hillstone Networks'; } ?>

RULE（RULE ID：339389）

Rule General Information


Release Date:		2025-08-19

Rule Name:		Kingdee Apusic Application Server loadTree JNDI Injection Vulnerability

Severity:

CVE ID:

Rule Protection Details


Description:		Kingdee Apusic Application Server is an enterprise level application server that fully supports Jakarta EE technical specifications, providing web containers, EJB containers, and WebService containers. It supports the latest technical specifications and provides key support for the convenient development, flexible deployment, reliable operation, efficient control, and rapid integration of enterprise level applications. The Kingdee Swift Apusic application server has a JNDI injection vulnerability. Attackers can manipulate the application to use JNDI for remote resource lookup, thereby executing arbitrary code or obtaining sensitive information.

Impact:		An attacker could exploit this vulnerability to have unspecified effect.

Affected OS:		Windows, Linux, Others

Reference:

Solutions

Please contact the software vendor to update the software patch.