'; } else{ echo ''; } echo 'Hillstone Networks'; } elseif ($_SERVER[HTTP_HOST] == "update1.huaantech.com.cn") { echo ''; echo 'huaantech'; } elseif ($_SERVER[HTTP_HOST] == "update1.dcnetworks.com.cn") { echo ''; echo 'dcnetworks'; } elseif ($_SERVER[HTTP_HOST] == "update1.w-ibeda.com") { if (false===strpos($_SERVER[REQUEST_URI],"/en/")) echo ''; else echo ''; echo 'w-ibeda'; } elseif ($_SERVER[HTTP_HOST] == "update1.hp-telecom.com") { echo ''; echo 'hp-telecom'; } elseif ($_SERVER[HTTP_HOST] == "update1.maipu.com") { echo ''; echo 'Maipu'; } elseif ($_SERVER[HTTP_HOST] == "update1.ncurity.com") { echo ''; echo 'Ncurity'; } elseif ($_SERVER[HTTP_HOST] == "update1.socusnetwork.com") { echo ''; echo 'Socusnetwork'; } else{ echo ''; echo 'Hillstone Networks'; } ?>
 
   
 

vul_app:zimbra_collaboration_autodiscover_servlet_xxe_vulnerability(Rule ID:1070210409)

Release Date2025/9/15

Rule NameCVE-2019-9670:Zimbra Collaboration Autodiscover Servlet XXE Vulnerability

Severity:critical

CVE IDCVE-2019-9670

 

Descripiton

Zimbra Collaboration Suite (ZCS) is an open-source collaboration suite developed by Zimbra Inc., an American company. The product includes features such as WebMail, calendar, and address book. There is a code issue vulnerability in Zimbra ZCS versions 8.5 to 8.7.11. This vulnerability stems from improper design or implementation issues in the code development process of the network system or product.
Other reference:None

 

Solution

Update vendor patches.