'; } else{ echo ''; } echo 'Hillstone Networks'; } elseif ($_SERVER[HTTP_HOST] == "update1.huaantech.com.cn") { echo ''; echo 'huaantech'; } elseif ($_SERVER[HTTP_HOST] == "update1.dcnetworks.com.cn") { echo ''; echo 'dcnetworks'; } elseif ($_SERVER[HTTP_HOST] == "update1.w-ibeda.com") { if (false===strpos($_SERVER[REQUEST_URI],"/en/")) echo ''; else echo ''; echo 'w-ibeda'; } elseif ($_SERVER[HTTP_HOST] == "update1.hp-telecom.com") { echo ''; echo 'hp-telecom'; } elseif ($_SERVER[HTTP_HOST] == "update1.maipu.com") { echo ''; echo 'Maipu'; } elseif ($_SERVER[HTTP_HOST] == "update1.ncurity.com") { echo ''; echo 'Ncurity'; } elseif ($_SERVER[HTTP_HOST] == "update1.socusnetwork.com") { echo ''; echo 'Socusnetwork'; } else{ echo ''; echo 'Hillstone Networks'; } ?>
 
   
 

RULE(RULE ID:339717)

Rule General Information
Release Date: 2025-12-30
Rule Name: Kingdee EAS Remote Command Execution Vulnerability
Severity:
CVE ID:
Rule Protection Details
Description: Kingdee EAS is a set of enterprise-level management software solutions developed by China Kingdee Software. Kingdee EAS aims to help enterprises achieve information-based management, providing comprehensive functional modules such as enterprise resource planning, customer relationship management, and supply chain management, covering multiple business areas including finance, human resources, procurement, sales, and production. Kingdee EAS has a remote command execution vulnerability. Attackers can use the vulnerability to execute arbitrary commands to obtain server permissions, which may lead to further attacks on the intranet.
Impact: An attacker can execute arbitrary command via a successful exploit in the context of the vulnerable software.
Affected OS: Windows, Linux, Others
Reference:
Solutions
Please contact the software vendor to update the software patch.