'; } else{ echo ''; } echo 'Hillstone Networks'; } elseif ($_SERVER[HTTP_HOST] == "update1.huaantech.com.cn") { echo ''; echo 'huaantech'; } elseif ($_SERVER[HTTP_HOST] == "update1.dcnetworks.com.cn") { echo ''; echo 'dcnetworks'; } elseif ($_SERVER[HTTP_HOST] == "update1.w-ibeda.com") { if (false===strpos($_SERVER[REQUEST_URI],"/en/")) echo ''; else echo ''; echo 'w-ibeda'; } elseif ($_SERVER[HTTP_HOST] == "update1.hp-telecom.com") { echo ''; echo 'hp-telecom'; } elseif ($_SERVER[HTTP_HOST] == "update1.maipu.com") { echo ''; echo 'Maipu'; } elseif ($_SERVER[HTTP_HOST] == "update1.ncurity.com") { echo ''; echo 'Ncurity'; } elseif ($_SERVER[HTTP_HOST] == "update1.socusnetwork.com") { echo ''; echo 'Socusnetwork'; } else{ echo ''; echo 'Hillstone Networks'; } ?>
 
   
 

RULE(RULE ID:339414)

Rule General Information
Release Date: 2025-09-02
Rule Name: Wing FTP Server Remote Code Execution Vulnerability (CVE-2025-47812)
Severity:
CVE ID:
Rule Protection Details
Description: ‌Wing FTP Server is a cross-platform FTP server software that supports operating systems such as Windows, Linux, macOS, and Solaris. It provides protocol support for FTP, FTPS, HTTP, HTTPS, and SFTP, along with a built-in web-based management interface and client.In versions prior to Wing FTP Server 7.4.4, the login interface (loginok.html) improperly processed the username parameter, resulting in NULL byte injection and Lua code injection vulnerabilities. This vulnerability allowed remote attackers to exploit session files through injected Lua code, enabling remote code execution (RCE) with root/SYSTEM privileges, ultimately leading to complete server compromise.
Impact: An attacker can execute arbitrary code via a successful exploit in the context of the vulnerable software.
Affected OS: Windows, Linux, Others
Reference: https://blog.kevintel.com/vbulletin-replaceadtemplate-kev/
Solutions
Please contact the software vendor to update the software patch.