Hillstone Networks

'; } else{ echo ''; } echo 'Hillstone Networks'; } elseif ($_SERVER[HTTP_HOST] == "update1.huaantech.com.cn") { echo ''; echo 'huaantech'; } elseif ($_SERVER[HTTP_HOST] == "update1.dcnetworks.com.cn") { echo ''; echo 'dcnetworks'; } elseif ($_SERVER[HTTP_HOST] == "update1.w-ibeda.com") { if (false===strpos($_SERVER[REQUEST_URI],"/en/")) echo ''; else echo ''; echo 'w-ibeda'; } elseif ($_SERVER[HTTP_HOST] == "update1.hp-telecom.com") { echo ''; echo 'hp-telecom'; } elseif ($_SERVER[HTTP_HOST] == "update1.maipu.com") { echo ''; echo 'Maipu'; } elseif ($_SERVER[HTTP_HOST] == "update1.ncurity.com") { echo ''; echo 'Ncurity'; } elseif ($_SERVER[HTTP_HOST] == "update1.socusnetwork.com") { echo ''; echo 'Socusnetwork'; } else{ echo ''; echo 'Hillstone Networks'; } ?>

RULE（RULE ID：339651）

Rule General Information


Release Date:		2025-11-25

Rule Name:		Landry EIS frm_form_upload.aspx Arbitrary File Upload Vulnerability

Severity:

CVE ID:

Rule Protection Details


Description:		Landry is a domestic digital office professional service provider, the only OA manufacturer invested by Alibaba Dingding, and the first strategic partner in the field of Alibaba Cloud knowledge management and collaboration. The frm_form_upload.aspx interface of the Landry EIS has an arbitrary file upload vulnerability. Attackers can deploy backdoors, Webshells and other malicious programs on the server to achieve remote code execution, server control, and further steal sensitive data or disrupt the normal operation of business systems.

Impact:		Attackers can upload viruses, Trojans, WebShell, other malicious scripts or pictures containing scripts to the server, and attackers can use these files for subsequent attacks.

Affected OS:		Windows, Linux, Others

Reference:

Solutions

Please contact the software vendor to update the software patch.