Hillstone Networks

'; } else{ echo ''; } echo 'Hillstone Networks'; } elseif ($_SERVER[HTTP_HOST] == "update1.huaantech.com.cn") { echo ''; echo 'huaantech'; } elseif ($_SERVER[HTTP_HOST] == "update1.dcnetworks.com.cn") { echo ''; echo 'dcnetworks'; } elseif ($_SERVER[HTTP_HOST] == "update1.w-ibeda.com") { if (false===strpos($_SERVER[REQUEST_URI],"/en/")) echo ''; else echo ''; echo 'w-ibeda'; } elseif ($_SERVER[HTTP_HOST] == "update1.hp-telecom.com") { echo ''; echo 'hp-telecom'; } elseif ($_SERVER[HTTP_HOST] == "update1.maipu.com") { echo ''; echo 'Maipu'; } elseif ($_SERVER[HTTP_HOST] == "update1.ncurity.com") { echo ''; echo 'Ncurity'; } elseif ($_SERVER[HTTP_HOST] == "update1.socusnetwork.com") { echo ''; echo 'Socusnetwork'; } else{ echo ''; echo 'Hillstone Networks'; } ?>

RULE（RULE ID：339621）

Rule General Information


Release Date:		2025-11-12

Rule Name:		Sensitive File Access Detection-MysqlConfig

Severity:

CVE ID:

Rule Protection Details


Description:		MySQL configuration files routinely hold connection strings, plaintext credentials, host ports, character sets, and paths to SSL/TLS keys. When acquired through web path traversal, directory brute-forcing, or backup-file scanning, these files expose database credentials that allow an attacker to pivot to the database tier, exfiltrate, tamper with, or ransom business data. Additional entries such as backup directories, log locations, and plugin folders can be leveraged for privilege escalation, backdoor installation, or constructing deeper persistence, placing the entire data estate at risk of compromise.

Impact:		An attacker could exploit this vulnerability to have unspecified effect.

Affected OS:		Windows, Linux, Others

Reference:

Solutions

Please contact the software vendor to update the software patch.