'; } else{ echo ''; } echo 'Hillstone Networks'; } elseif ($_SERVER[HTTP_HOST] == "update1.huaantech.com.cn") { echo ''; echo 'huaantech'; } elseif ($_SERVER[HTTP_HOST] == "update1.dcnetworks.com.cn") { echo ''; echo 'dcnetworks'; } elseif ($_SERVER[HTTP_HOST] == "update1.w-ibeda.com") { if (false===strpos($_SERVER[REQUEST_URI],"/en/")) echo ''; else echo ''; echo 'w-ibeda'; } elseif ($_SERVER[HTTP_HOST] == "update1.hp-telecom.com") { echo ''; echo 'hp-telecom'; } elseif ($_SERVER[HTTP_HOST] == "update1.maipu.com") { echo ''; echo 'Maipu'; } elseif ($_SERVER[HTTP_HOST] == "update1.ncurity.com") { echo ''; echo 'Ncurity'; } elseif ($_SERVER[HTTP_HOST] == "update1.socusnetwork.com") { echo ''; echo 'Socusnetwork'; } else{ echo ''; echo 'Hillstone Networks'; } ?>
 
   
 

vul_app:apache_ofbiz_remote_code_execution_vulnerability(Rule ID:1070210321)

Release Date2025/9/15

Rule NameCVE-2024-45195: Apache OFBiz Remote Code Execution Vulnerability

Severity:critical

CVE IDCVE-2024-45195

 

Descripiton

Apache OFBiz is an enterprise resource planning(ERP) system from the Aoache Foundation. The System provides a complete set of java-based Web application components and tools. Versions earlier than Apache OFBiz 18.12.16 has remote code execution vulnerabilities that allow remote attackers to gain server permissions by controlling requests and writing malicious files. This rule supports to defend the A6: Vulnerable and Outdated Components of OWASP Top 10 - 2021.
Other reference:None

 

Solution

Update vendor patches.