'; } else{ echo ''; } echo 'Hillstone Networks'; } elseif ($_SERVER[HTTP_HOST] == "update1.huaantech.com.cn") { echo ''; echo 'huaantech'; } elseif ($_SERVER[HTTP_HOST] == "update1.dcnetworks.com.cn") { echo ''; echo 'dcnetworks'; } elseif ($_SERVER[HTTP_HOST] == "update1.w-ibeda.com") { if (false===strpos($_SERVER[REQUEST_URI],"/en/")) echo ''; else echo ''; echo 'w-ibeda'; } elseif ($_SERVER[HTTP_HOST] == "update1.hp-telecom.com") { echo ''; echo 'hp-telecom'; } elseif ($_SERVER[HTTP_HOST] == "update1.maipu.com") { echo ''; echo 'Maipu'; } elseif ($_SERVER[HTTP_HOST] == "update1.ncurity.com") { echo ''; echo 'Ncurity'; } elseif ($_SERVER[HTTP_HOST] == "update1.socusnetwork.com") { echo ''; echo 'Socusnetwork'; } else{ echo ''; echo 'Hillstone Networks'; } ?>
 
   
 

RULE(RULE ID:345057)

Rule General Information
Release Date: 2026-06-10
Rule Name: D-Link DIR 823x diag_ping Command Injection Vulnerability (CVE-2025-29040)
Severity:
CVE ID:
Rule Protection Details
Description: The D-Link DIR-823X router provides a web diagnostic function that allows users to test network connectivity through the diag_ping interface. This interface improperly handles special characters such as newline characters in the target_addr parameter. Attackers can craft malicious POST requests to inject system commands, potentially gaining device privileges, modifying routing and DNS settings, monitoring or redirecting internal network traffic, and affecting network availability.
Impact: An attacker can execute arbitrary command via a successful exploit in the context of the vulnerable software.
Affected OS: Network Device
Reference: https://gist.github.com/xyqer1/b3bebe4967a3093951273738f0be45ce
Solutions
Please contact the software vendor to update the software patch.