'; } else{ echo ''; } echo 'Hillstone Networks'; } elseif ($_SERVER[HTTP_HOST] == "update1.huaantech.com.cn") { echo ''; echo 'huaantech'; } elseif ($_SERVER[HTTP_HOST] == "update1.dcnetworks.com.cn") { echo ''; echo 'dcnetworks'; } elseif ($_SERVER[HTTP_HOST] == "update1.w-ibeda.com") { if (false===strpos($_SERVER[REQUEST_URI],"/en/")) echo ''; else echo ''; echo 'w-ibeda'; } elseif ($_SERVER[HTTP_HOST] == "update1.hp-telecom.com") { echo ''; echo 'hp-telecom'; } elseif ($_SERVER[HTTP_HOST] == "update1.maipu.com") { echo ''; echo 'Maipu'; } elseif ($_SERVER[HTTP_HOST] == "update1.ncurity.com") { echo ''; echo 'Ncurity'; } elseif ($_SERVER[HTTP_HOST] == "update1.socusnetwork.com") { echo ''; echo 'Socusnetwork'; } else{ echo ''; echo 'Hillstone Networks'; } ?>
 
   
 

RULE(RULE ID:339637)

Rule General Information
Release Date: 2025-11-18
Rule Name: Suspicious Webshell Communication Detection
Severity:
CVE ID:
Rule Protection Details
Description: Webshell is a kind of Web application written with dynamic scripts. Using Webshell, you can execute system commands, steal data, and implant viruses on the Web server. This rule has detected suspicious Webshell communication traffic.
Impact: An attacker could exploit this vulnerability to have unspecified effect.
Affected OS: Windows, Linux, Others
Reference:
Solutions
Users should scan server content to see if Trojan horse files exist.