'; } else{ echo ''; } echo 'Hillstone Networks'; } elseif ($_SERVER[HTTP_HOST] == "update1.huaantech.com.cn") { echo ''; echo 'huaantech'; } elseif ($_SERVER[HTTP_HOST] == "update1.dcnetworks.com.cn") { echo ''; echo 'dcnetworks'; } elseif ($_SERVER[HTTP_HOST] == "update1.w-ibeda.com") { if (false===strpos($_SERVER[REQUEST_URI],"/en/")) echo ''; else echo ''; echo 'w-ibeda'; } elseif ($_SERVER[HTTP_HOST] == "update1.hp-telecom.com") { echo ''; echo 'hp-telecom'; } elseif ($_SERVER[HTTP_HOST] == "update1.maipu.com") { echo ''; echo 'Maipu'; } elseif ($_SERVER[HTTP_HOST] == "update1.ncurity.com") { echo ''; echo 'Ncurity'; } elseif ($_SERVER[HTTP_HOST] == "update1.socusnetwork.com") { echo ''; echo 'Socusnetwork'; } else{ echo ''; echo 'Hillstone Networks'; } ?>
 
   
 

RULE(RULE ID:339650)

Rule General Information
Release Date: 2025-11-18
Rule Name: Apache Log4j2 Remote Code Execution Vulnerability (CVE-2021-44228)
Severity:
CVE ID:
Rule Protection Details
Description: Apache Log4j2 is a Java based logging tool. It is an upgrade of log4j. It is one of the best Java logging frameworks at present. The log framework is widely used in business system development to record log information. Developers may write the error information caused by user input to the log. As long as the data entered by external users will be logged, it can cause remote code execution.
Impact: An attacker can execute arbitrary code via a successful exploit in the context of the vulnerable software.
Affected OS: Windows, Linux, Others
Reference: https://github.com/apache/logging-log4j2/releases/tag/log4j-2.15.0-rc1
Solutions
It is recommended that the user set "log4j2. Formatmsgnolookups = true", or set the JVM parameter "- dlog4j2. Formatmsgnolookups = true", or set the system environment variable "format_messages_pattern_disable_lookups" to true.