Hillstone Networks

'; } else{ echo ''; } echo 'Hillstone Networks'; } elseif ($_SERVER[HTTP_HOST] == "update1.huaantech.com.cn") { echo ''; echo 'huaantech'; } elseif ($_SERVER[HTTP_HOST] == "update1.dcnetworks.com.cn") { echo ''; echo 'dcnetworks'; } elseif ($_SERVER[HTTP_HOST] == "update1.w-ibeda.com") { if (false===strpos($_SERVER[REQUEST_URI],"/en/")) echo ''; else echo ''; echo 'w-ibeda'; } elseif ($_SERVER[HTTP_HOST] == "update1.hp-telecom.com") { echo ''; echo 'hp-telecom'; } elseif ($_SERVER[HTTP_HOST] == "update1.maipu.com") { echo ''; echo 'Maipu'; } elseif ($_SERVER[HTTP_HOST] == "update1.ncurity.com") { echo ''; echo 'Ncurity'; } elseif ($_SERVER[HTTP_HOST] == "update1.socusnetwork.com") { echo ''; echo 'Socusnetwork'; } else{ echo ''; echo 'Hillstone Networks'; } ?>

RULE（RULE ID：339607）

Rule General Information


Release Date:		2025-11-12

Rule Name:		ZOHO ManageEngine Remote Code Execution Vulnerability (CVE-2021-40539)

Severity:

CVE ID:

Rule Protection Details


Description:		This incident concerns a remote code execution flaw in ZOHO ManageEngine enterprise management products. An unauthenticated attacker can craft a request to the RestAPI endpoint that leverages directory traversal and malicious parameters to inject and execute arbitrary system commands within the server context. Successful exploitation grants full control over the compromised system, enabling lateral movement, persistent implantation, data exfiltration, and ransomware deployment, thereby endangering the entire corporate network.

Impact:		An attacker can execute arbitrary code via a successful exploit in the context of the vulnerable software.

Affected OS:		Windows, Linux, Others

Reference:

Solutions

Please contact the software vendor to update the software patch.