'; } else{ echo ''; } echo 'Hillstone Networks'; } elseif ($_SERVER[HTTP_HOST] == "update1.huaantech.com.cn") { echo ''; echo 'huaantech'; } elseif ($_SERVER[HTTP_HOST] == "update1.dcnetworks.com.cn") { echo ''; echo 'dcnetworks'; } elseif ($_SERVER[HTTP_HOST] == "update1.w-ibeda.com") { if (false===strpos($_SERVER[REQUEST_URI],"/en/")) echo ''; else echo ''; echo 'w-ibeda'; } elseif ($_SERVER[HTTP_HOST] == "update1.hp-telecom.com") { echo ''; echo 'hp-telecom'; } elseif ($_SERVER[HTTP_HOST] == "update1.maipu.com") { echo ''; echo 'Maipu'; } elseif ($_SERVER[HTTP_HOST] == "update1.ncurity.com") { echo ''; echo 'Ncurity'; } elseif ($_SERVER[HTTP_HOST] == "update1.socusnetwork.com") { echo ''; echo 'Socusnetwork'; } else{ echo ''; echo 'Hillstone Networks'; } ?>
 
   
 

web_app:longteng_cms_arbitrary_file_write_vul(Rule ID:1070210520)

Release Date2025/9/15

Rule NameLongteng CMS Arbitrary File Write Vulnerability

Severity:high

CVE ID

 

Descripiton

Longteng CMS is based on the self-developed PHP underlying framework, which is permanently open source and free for commercial use; Efficient, simple and powerful, it is an ideal PHP CMS for enterprises to quickly build websites. Longteng CMS has an arbitrary file writing vulnerability. An attacker can use the vulnerability to write malicious files on the server, so as to completely control the host, steal data or disable business. This rule supports to defend the A6: Vulnerabe and Outdated Components of OWASP Top 10 - 2021.
Other reference:None

 

Solution

Update vendor patches.