'; } else{ echo ''; } echo 'Hillstone Networks'; } elseif ($_SERVER[HTTP_HOST] == "update1.huaantech.com.cn") { echo ''; echo 'huaantech'; } elseif ($_SERVER[HTTP_HOST] == "update1.dcnetworks.com.cn") { echo ''; echo 'dcnetworks'; } elseif ($_SERVER[HTTP_HOST] == "update1.w-ibeda.com") { if (false===strpos($_SERVER[REQUEST_URI],"/en/")) echo ''; else echo ''; echo 'w-ibeda'; } elseif ($_SERVER[HTTP_HOST] == "update1.hp-telecom.com") { echo ''; echo 'hp-telecom'; } elseif ($_SERVER[HTTP_HOST] == "update1.maipu.com") { echo ''; echo 'Maipu'; } elseif ($_SERVER[HTTP_HOST] == "update1.ncurity.com") { echo ''; echo 'Ncurity'; } elseif ($_SERVER[HTTP_HOST] == "update1.socusnetwork.com") { echo ''; echo 'Socusnetwork'; } else{ echo ''; echo 'Hillstone Networks'; } ?>
 
   
 

vul_app:kingdee_eas_rce_vulnerability(Rule ID:1070210567)

Release Date2026/6/1

Rule NameKingdee EAS Remote Command Execution Vulnerability

Severity:critical

CVE ID

 

Descripiton

Kingdee EAS is a set of enterprise-level management software solutions developed by China Kingdee Software. Kingdee EAS aims to help enterprises achieve information-based management, providing comprehensive functional modules such as enterprise resource planning, customer relationship management, and supply chain management, covering multiple business areas including finance, human resources, procurement, sales, and production. There is a remote command execution vulnerability in the AdminService interface of the Kingdee EAS system. Attackers can execute arbitrary commands through this vulnerability, resulting in the server being compromised. This rule supports to defend the A6: Vulnerable and Outdated Components of OWASP Top 10 - 2021.
Other reference:None

 

Solution

Update vendor patches.