'; } else{ echo ''; } echo 'Hillstone Networks'; } elseif ($_SERVER[HTTP_HOST] == "update1.huaantech.com.cn") { echo ''; echo 'huaantech'; } elseif ($_SERVER[HTTP_HOST] == "update1.dcnetworks.com.cn") { echo ''; echo 'dcnetworks'; } elseif ($_SERVER[HTTP_HOST] == "update1.w-ibeda.com") { if (false===strpos($_SERVER[REQUEST_URI],"/en/")) echo ''; else echo ''; echo 'w-ibeda'; } elseif ($_SERVER[HTTP_HOST] == "update1.hp-telecom.com") { echo ''; echo 'hp-telecom'; } elseif ($_SERVER[HTTP_HOST] == "update1.maipu.com") { echo ''; echo 'Maipu'; } elseif ($_SERVER[HTTP_HOST] == "update1.ncurity.com") { echo ''; echo 'Ncurity'; } elseif ($_SERVER[HTTP_HOST] == "update1.socusnetwork.com") { echo ''; echo 'Socusnetwork'; } else{ echo ''; echo 'Hillstone Networks'; } ?>
 
   
 

RULE(RULE ID:339413)

Rule General Information
Release Date: 2025-09-02
Rule Name: vBulletin replaceAdTemplate Remote Code Execution Vulnerability (CVE-2025-48828)
Severity:
CVE ID:
Rule Protection Details
Description: ‌Internet Brands vBulletin is a forum plugin developed by Internet Brands. A security vulnerability exists in Internet Brands' vBulletin, which stems from the misuse of the PHP Reflection API in the vBulletin API controller logic, along with specific changes introduced in PHP 8.1. These changes enable the invocation of protected (or even private) methods via methods such as ‌ReflectionMethod::invoke().
Impact: An attacker can execute arbitrary code via a successful exploit in the context of the vulnerable software.
Affected OS: Windows, Linux, Others
Reference: https://blog.kevintel.com/vbulletin-replaceadtemplate-kev/
Solutions
Please contact the software vendor to update the software patch.