Hillstone Networks

'; } else{ echo ''; } echo 'Hillstone Networks'; } elseif ($_SERVER[HTTP_HOST] == "update1.huaantech.com.cn") { echo ''; echo 'huaantech'; } elseif ($_SERVER[HTTP_HOST] == "update1.dcnetworks.com.cn") { echo ''; echo 'dcnetworks'; } elseif ($_SERVER[HTTP_HOST] == "update1.w-ibeda.com") { if (false===strpos($_SERVER[REQUEST_URI],"/en/")) echo ''; else echo ''; echo 'w-ibeda'; } elseif ($_SERVER[HTTP_HOST] == "update1.hp-telecom.com") { echo ''; echo 'hp-telecom'; } elseif ($_SERVER[HTTP_HOST] == "update1.maipu.com") { echo ''; echo 'Maipu'; } elseif ($_SERVER[HTTP_HOST] == "update1.ncurity.com") { echo ''; echo 'Ncurity'; } elseif ($_SERVER[HTTP_HOST] == "update1.socusnetwork.com") { echo ''; echo 'Socusnetwork'; } else{ echo ''; echo 'Hillstone Networks'; } ?>

RULE（RULE ID：339402）

Rule General Information


Release Date:		2025-08-19

Rule Name:		NetMizer Log Management System Terminals Interface SQL Injection Vulnerability

Severity:

CVE ID:

Rule Protection Details


Description:		NetMizer Log Management System is a leading global provider of integrated application delivery and application security solutions to enable intelligent business networks. It delivers solutions that ensure comprehensive availability, high performance, and robust security for mission-critical applications for enterprises and operators worldwide. The Terminals interface of NetMizer contains an SQL injection vulnerability. Unauthenticated malicious attackers can exploit this SQL injection vulnerability to retrieve information from the database. Attackers may even execute commands with high privileges, potentially gaining further system-level access to the server.

Impact:		An attacker can inject arbitrary sql commands to view or change the database of the target by exploiting the vulnerability successfully.

Affected OS:		Windows, Linux, Others

Reference:

Solutions

Please contact the software vendor to update the software patch.