Hillstone Networks

'; } else{ echo ''; } echo 'Hillstone Networks'; } elseif ($_SERVER[HTTP_HOST] == "update1.huaantech.com.cn") { echo ''; echo 'huaantech'; } elseif ($_SERVER[HTTP_HOST] == "update1.dcnetworks.com.cn") { echo ''; echo 'dcnetworks'; } elseif ($_SERVER[HTTP_HOST] == "update1.w-ibeda.com") { if (false===strpos($_SERVER[REQUEST_URI],"/en/")) echo ''; else echo ''; echo 'w-ibeda'; } elseif ($_SERVER[HTTP_HOST] == "update1.hp-telecom.com") { echo ''; echo 'hp-telecom'; } elseif ($_SERVER[HTTP_HOST] == "update1.maipu.com") { echo ''; echo 'Maipu'; } elseif ($_SERVER[HTTP_HOST] == "update1.ncurity.com") { echo ''; echo 'Ncurity'; } elseif ($_SERVER[HTTP_HOST] == "update1.socusnetwork.com") { echo ''; echo 'Socusnetwork'; } else{ echo ''; echo 'Hillstone Networks'; } ?>

RULE（RULE ID：339769）

Rule General Information


Release Date:		2026-01-27

Rule Name:		RAISECOM Multi-Service Intelligent Gateway list_base_config.php Remote Command Execution Vulnerability

Severity:

CVE ID:

Rule Protection Details


Description:		The list_base_config interface of the Raisecom Integrated Multi-Service Intelligent Gateway does not adequately restrict or validate user input parameters, allowing attackers to construct malicious parameters to write arbitrary PHP files to the server and access them, thereby triggering a remote code execution (RCE) vulnerability.

Impact:		An attacker can execute arbitrary command via a successful exploit in the context of the vulnerable software.

Affected OS:		Windows, Linux, Others

Reference:

Solutions

Please contact the software vendor to update the software patch.