
vul_app: vBulletin_PHP_rce_vul(Rule ID:1070210132)

Release Date: 2025/9/15

Rule Name: CVE-2020-17496: vBulletin /ajax/render/widget_tabbedcontainer_tab_panel PHP Remote Code Execution Vulnerability

Severity: critical

CVE ID: CVE-2020-17496

 

Description

vBulletin is an open source web forum program based on PHP and MySQL by Internet Brands and vBulletin Solutions in the United States. vBulletin 5.5.4 through 5.6.2 allows remote command execution: a request to ajax/render/widget_tabbedcontainer_tab_panel carrying specially crafted subWidgets data triggers the vulnerability and executes commands. This rule helps defend against A6: Vulnerable and Outdated Components of the OWASP Top 10 - 2021.
Other reference: None

 

Solution

Update vendor patches.