'; } else{ echo ''; } echo 'Hillstone Networks'; } elseif ($_SERVER[HTTP_HOST] == "update1.huaantech.com.cn") { echo ''; echo 'huaantech'; } elseif ($_SERVER[HTTP_HOST] == "update1.dcnetworks.com.cn") { echo ''; echo 'dcnetworks'; } elseif ($_SERVER[HTTP_HOST] == "update1.w-ibeda.com") { if (false===strpos($_SERVER[REQUEST_URI],"/en/")) echo ''; else echo ''; echo 'w-ibeda'; } elseif ($_SERVER[HTTP_HOST] == "update1.hp-telecom.com") { echo ''; echo 'hp-telecom'; } elseif ($_SERVER[HTTP_HOST] == "update1.maipu.com") { echo ''; echo 'Maipu'; } elseif ($_SERVER[HTTP_HOST] == "update1.ncurity.com") { echo ''; echo 'Ncurity'; } elseif ($_SERVER[HTTP_HOST] == "update1.socusnetwork.com") { echo ''; echo 'Socusnetwork'; } else{ echo ''; echo 'Hillstone Networks'; } ?>
 
   
 

mal_webshell_msc:backdoor_access(Rule ID:1090410100)

Release Date2025/9/15

Rule NameSuspicious Backdoor Access

Severity:critical

CVE ID

 

Descripiton

Backdoor is a kind of command execution envrionment which is in the form of Web page files like asp, php, jsp, cgi, etc. Attackers can use backdoor to invade the server to achieve the purposeof maliciously controlling the website server. This rule supports to defend the A7: Identification and Authentication Failures of OWASP Top 10 - 2021.
Other reference:None

 

Solution

Update vendor patches.