Hillstone Networks

'; } else{ echo ''; } echo 'Hillstone Networks'; } elseif ($_SERVER[HTTP_HOST] == "update1.huaantech.com.cn") { echo ''; echo 'huaantech'; } elseif ($_SERVER[HTTP_HOST] == "update1.dcnetworks.com.cn") { echo ''; echo 'dcnetworks'; } elseif ($_SERVER[HTTP_HOST] == "update1.w-ibeda.com") { if (false===strpos($_SERVER[REQUEST_URI],"/en/")) echo ''; else echo ''; echo 'w-ibeda'; } elseif ($_SERVER[HTTP_HOST] == "update1.hp-telecom.com") { echo ''; echo 'hp-telecom'; } elseif ($_SERVER[HTTP_HOST] == "update1.maipu.com") { echo ''; echo 'Maipu'; } elseif ($_SERVER[HTTP_HOST] == "update1.ncurity.com") { echo ''; echo 'Ncurity'; } elseif ($_SERVER[HTTP_HOST] == "update1.socusnetwork.com") { echo ''; echo 'Socusnetwork'; } else{ echo ''; echo 'Hillstone Networks'; } ?>

RULE（RULE ID：339608）

Rule General Information


Release Date:		2025-11-12

Rule Name:		Laravel 8.0 RCE Vulnerability (CVE-2021-3129)

Severity:

CVE ID:

Rule Protection Details


Description:		The Laravel Ignition component shipped with Laravel 8.0 contains a pre-authentication remote-code-execution flaw. Attackers can send a crafted request to the framework’s built-in error-solution endpoint and inject a serialized payload that instructs the templating engine to load an arbitrary file path. By chaining this primitive with PHP’s base64 filter wrapper, the adversary is able to turn a file-read primitive into full code execution on the underlying server. Successful exploitation grants the attacker the same privileges as the web-server user, allowing complete takeover of the application host, lateral movement inside the infrastructure, installation of persistent backdoors, and exfiltration of sensitive application secrets such as database credentials, cloud access keys, and user session stores.

Impact:		An attacker could exploit this vulnerability to have unspecified effect.

Affected OS:		Windows, Linux, Others

Reference:

Solutions

Please contact the software vendor to update the software patch.