'; } else{ echo ''; } echo 'Hillstone Networks'; } elseif ($_SERVER[HTTP_HOST] == "update1.huaantech.com.cn") { echo ''; echo 'huaantech'; } elseif ($_SERVER[HTTP_HOST] == "update1.dcnetworks.com.cn") { echo ''; echo 'dcnetworks'; } elseif ($_SERVER[HTTP_HOST] == "update1.w-ibeda.com") { if (false===strpos($_SERVER[REQUEST_URI],"/en/")) echo ''; else echo ''; echo 'w-ibeda'; } elseif ($_SERVER[HTTP_HOST] == "update1.hp-telecom.com") { echo ''; echo 'hp-telecom'; } elseif ($_SERVER[HTTP_HOST] == "update1.maipu.com") { echo ''; echo 'Maipu'; } elseif ($_SERVER[HTTP_HOST] == "update1.ncurity.com") { echo ''; echo 'Ncurity'; } elseif ($_SERVER[HTTP_HOST] == "update1.socusnetwork.com") { echo ''; echo 'Socusnetwork'; } else{ echo ''; echo 'Hillstone Networks'; } ?>
 
   
 

RULE(RULE ID:339793)

Rule General Information
Release Date: 2026-02-11
Rule Name: PHP Code Injection Detection - Injection Character 2
Severity:
CVE ID:
Rule Protection Details
Description: Code injection vulnerabilities are caused by the application's lax filtering of user input. Attackers can inject code into the server running the application and remotely execute the injected code. This rule is used to detect suspicious PHP code injection characters in HTTP requests.
Impact: An attacker could exploit this vulnerability to have unspecified effect.
Affected OS: Windows, Linux, Others
Reference:
Solutions
1. Filter and escape user input to ensure that it does not contain malicious Java code. 2. Use safe apis and functions to execute code. Avoid directly concatenating user input into code. 3. Conduct regular security audits and tests to find potential code injection vulnerabilities and fix them in time.