'; } else{ echo ''; } echo 'Hillstone Networks'; } elseif ($_SERVER[HTTP_HOST] == "update1.huaantech.com.cn") { echo ''; echo 'huaantech'; } elseif ($_SERVER[HTTP_HOST] == "update1.dcnetworks.com.cn") { echo ''; echo 'dcnetworks'; } elseif ($_SERVER[HTTP_HOST] == "update1.w-ibeda.com") { if (false===strpos($_SERVER[REQUEST_URI],"/en/")) echo ''; else echo ''; echo 'w-ibeda'; } elseif ($_SERVER[HTTP_HOST] == "update1.hp-telecom.com") { echo ''; echo 'hp-telecom'; } elseif ($_SERVER[HTTP_HOST] == "update1.maipu.com") { echo ''; echo 'Maipu'; } elseif ($_SERVER[HTTP_HOST] == "update1.ncurity.com") { echo ''; echo 'Ncurity'; } elseif ($_SERVER[HTTP_HOST] == "update1.socusnetwork.com") { echo ''; echo 'Socusnetwork'; } else{ echo ''; echo 'Hillstone Networks'; } ?>
 
   
 

mal_trojan:trojan_root_exe(Rule ID:1090200001)

Release Date2025/9/15

Rule NameTrojan Backdoor Access: Request URL

Severity:critical

CVE ID

 

Descripiton

Trojan is a specical program aiming to control another host, which contains two executable programs called controller and controlled end. Trojan conceals itself to be downloaded and executed by users, opens backdoor to controller. Controller may steal or destroy arbitrary files on controlled system, or even manipulate the controlled system. This rule inspects specific keywords in HTTP request URL to prevent such attacks. This rule supports to defend the A1: Broken Access Control of OWASP Top 10 - 2021.
Other reference:None

 

Solution

Update vendor patches.