'; } else{ echo ''; } echo 'Hillstone Networks'; } elseif ($_SERVER[HTTP_HOST] == "update1.huaantech.com.cn") { echo ''; echo 'huaantech'; } elseif ($_SERVER[HTTP_HOST] == "update1.dcnetworks.com.cn") { echo ''; echo 'dcnetworks'; } elseif ($_SERVER[HTTP_HOST] == "update1.w-ibeda.com") { if (false===strpos($_SERVER[REQUEST_URI],"/en/")) echo ''; else echo ''; echo 'w-ibeda'; } elseif ($_SERVER[HTTP_HOST] == "update1.hp-telecom.com") { echo ''; echo 'hp-telecom'; } elseif ($_SERVER[HTTP_HOST] == "update1.maipu.com") { echo ''; echo 'Maipu'; } elseif ($_SERVER[HTTP_HOST] == "update1.ncurity.com") { echo ''; echo 'Ncurity'; } elseif ($_SERVER[HTTP_HOST] == "update1.socusnetwork.com") { echo ''; echo 'Socusnetwork'; } else{ echo ''; echo 'Hillstone Networks'; } ?>
 
   
 

RULE(RULE ID:339801)

Rule General Information
Release Date: 2026-02-11
Rule Name: Linux Command Injection Detection - whoami
Severity:
CVE ID:
Rule Protection Details
Description: The command injection vulnerability is caused by the application's lax filtering of user input. Attackers can execute arbitrary operating system commands on servers running applications by concatenating system commands. This rule is used to detect suspicious behavior in HTTP requests that attempt to inject commands using Linux system commands.
Impact: An attacker can execute arbitrary command via a successful exploit in the context of the vulnerable software.
Affected OS: Windows, Linux, Others
Reference:
Solutions
1. Filter and escape the data entered by the user to ensure that the input does not contain special characters or keywords injected by the command. 2. Use safe apis and functions to execute system commands, and avoid directly concatenating user input as commands. 3. Ensure that the program executes system commands with the principle of least privilege.