'; } else{ echo ''; } echo 'Hillstone Networks'; } elseif ($_SERVER[HTTP_HOST] == "update1.huaantech.com.cn") { echo ''; echo 'huaantech'; } elseif ($_SERVER[HTTP_HOST] == "update1.dcnetworks.com.cn") { echo ''; echo 'dcnetworks'; } elseif ($_SERVER[HTTP_HOST] == "update1.w-ibeda.com") { if (false===strpos($_SERVER[REQUEST_URI],"/en/")) echo ''; else echo ''; echo 'w-ibeda'; } elseif ($_SERVER[HTTP_HOST] == "update1.hp-telecom.com") { echo ''; echo 'hp-telecom'; } elseif ($_SERVER[HTTP_HOST] == "update1.maipu.com") { echo ''; echo 'Maipu'; } elseif ($_SERVER[HTTP_HOST] == "update1.ncurity.com") { echo ''; echo 'Ncurity'; } elseif ($_SERVER[HTTP_HOST] == "update1.socusnetwork.com") { echo ''; echo 'Socusnetwork'; } else{ echo ''; echo 'Hillstone Networks'; } ?>
 
   
 

RULE(RULE ID:339756)

Rule General Information
Release Date: 2026-01-20
Rule Name: SQL Injection Detection - Command Execution
Severity:
CVE ID:
Rule Protection Details
Description: SQL injection vulnerability is caused by the web application's lack of validation of user input. Attackers submit sql statement to change the execution logic of background sql query, so as to obtain sensitive information or upload webshell. This rule is used to detect suspicious activities where attempts are made to execute system commands using xp_cmdshell.
Impact: An attacker can execute arbitrary command via a successful exploit in the context of the vulnerable software.
Affected OS: Windows, Linux, Others
Reference:
Solutions
Please contact the software vendor to update the software patch.