'; } else{ echo ''; } echo 'Hillstone Networks'; } elseif ($_SERVER[HTTP_HOST] == "update1.huaantech.com.cn") { echo ''; echo 'huaantech'; } elseif ($_SERVER[HTTP_HOST] == "update1.dcnetworks.com.cn") { echo ''; echo 'dcnetworks'; } elseif ($_SERVER[HTTP_HOST] == "update1.w-ibeda.com") { if (false===strpos($_SERVER[REQUEST_URI],"/en/")) echo ''; else echo ''; echo 'w-ibeda'; } elseif ($_SERVER[HTTP_HOST] == "update1.hp-telecom.com") { echo ''; echo 'hp-telecom'; } elseif ($_SERVER[HTTP_HOST] == "update1.maipu.com") { echo ''; echo 'Maipu'; } elseif ($_SERVER[HTTP_HOST] == "update1.ncurity.com") { echo ''; echo 'Ncurity'; } elseif ($_SERVER[HTTP_HOST] == "update1.socusnetwork.com") { echo ''; echo 'Socusnetwork'; } else{ echo ''; echo 'Hillstone Networks'; } ?>
 
   
 

vul_app: HPE_systems_insight_manager_amf_deserialization_rce_vul(Rule ID:1070210159)

Release Date2025/9/15

Rule NameCVE-2020-7200: HPE Systems Insight Manager AMF Deserialization Remote Code Execution Vulnerability

Severity:critical

CVE IDCVE-2020-7200

 

Descripiton

HPE Systems Insight Manager (HPE SIM) is an application software for server management from HPE of the United States. The software supports monitoring and management functions such as discovering and identifying devices, proactively notifying actual or impending component failures. HPE Systems Insight Manager (SIM) version 7.6 has a security vulnerability that can be exploited by attackers to execute remote code. This rule supports to defend the A6: Vulnerable and Outdated Components of OWASP Top 10 - 2021.
Other reference:None

 

Solution

Update vendor patches.