Hillstone Networks

'; } else{ echo ''; } echo 'Hillstone Networks'; } elseif ($_SERVER[HTTP_HOST] == "update1.huaantech.com.cn") { echo ''; echo 'huaantech'; } elseif ($_SERVER[HTTP_HOST] == "update1.dcnetworks.com.cn") { echo ''; echo 'dcnetworks'; } elseif ($_SERVER[HTTP_HOST] == "update1.w-ibeda.com") { if (false===strpos($_SERVER[REQUEST_URI],"/en/")) echo ''; else echo ''; echo 'w-ibeda'; } elseif ($_SERVER[HTTP_HOST] == "update1.hp-telecom.com") { echo ''; echo 'hp-telecom'; } elseif ($_SERVER[HTTP_HOST] == "update1.maipu.com") { echo ''; echo 'Maipu'; } elseif ($_SERVER[HTTP_HOST] == "update1.ncurity.com") { echo ''; echo 'Ncurity'; } elseif ($_SERVER[HTTP_HOST] == "update1.socusnetwork.com") { echo ''; echo 'Socusnetwork'; } else{ echo ''; echo 'Hillstone Networks'; } ?>

RULE（RULE ID：339478）

Rule General Information


Release Date:		2025-09-23

Rule Name:		X2Modbus Gateway Sensitive Information Leakage Vulnerability

Severity:

CVE ID:

Rule Protection Details


Description:		X2Modbus is a powerful protocol-conversion gateway developed by Shanghai Xunrao Automation Technology Co., Ltd. Users can configure it to match field devices’ communication protocols and convert them to the standard Modbus protocol for uploading to hardware protocol-conversion gateways. The X2Modbus gateway’s GetUser interface contains an information disclosure vulnerability that allows unauthorized users or attackers to obtain administrator account credentials (such as usernames and passwords) and log in to the backend.

Impact:		An attacker could exploit this vulnerability to have unspecified effect.

Affected OS:		Windows, Linux, Others

Reference:

Solutions

Please contact the software vendor to update the software patch.