IPS Signature Database Update

Name: ips.sig
Version: 2.1.575
StoneOS: StoneOS 5.0R4F3.1 or above
Release Date: 2024-09-23

New Signature (32)

| Rule ID | Rule Name | StoneOS |
|---|---|---|
| 338415 | Jeecg-Boot SQL Injection Vulnerability (CVE-2023-38992) | 5.0R4 or above |
| 338425 | SPIP BigUp Plugin Remote Code Execution Vulnerability (CVE-2024-8517) | 5.5R5 or above |
| 105356 | Ransomware Activity: TeslaCrypt/AlphaCrypt Variant .onion Proxy Domain (iq3ahijcfeont3xx) | 5.5R5 or above |
| 338421 | Apache Ofbiz Unauthenticated Remote Code Execution Vulnerability (CVE-2024-45195) | 5.0R4 or above |
| 105362 | Ransomware Activity: DNS Query to Cerber Domain | 5.5R5 or above |
| 714716 | Trojan Activity: Win32/ArtraDownloader Checkin | 5.5R5 or above |
| 338417 | WordPress Plugin Viral Signup 2.1 SQL Injection Vulnerability (CVE-2024-6926) | 5.0R4 or above |
| 105374 | Trojan Activity: FatDuke Domain Observed | 5.5R5 or above |
| 332571 | Ransomware Activity: Quant Loader Download Response | 5.5R5 or above |
| 338414 | GestSup Cross-Site Scripting Vulnerability (CVE-2024-23167) | 5.5R5 or above |
| 105378 | Ransomware Activity: Win32/Teslacrypt Ransomware .onion domain (7tno4hib47vlep5o) | 5.5R5 or above |
| 338420 | Hoverfly 1.10.3 Arbitrary File Read Vulnerability (CVE-2024-45388) | 5.0R4 or above |
| 105359 | Trojan Activity: Glupteba CnC Domain in DNS Lookup | 5.5R5 or above |
| 338416 | Sqlpad Server-Side Template Injection Vulnerability (CVE-2022-0944) | 5.0R4 or above |
| 105355 | Ransomware Activity: Cerber Domain Observed | 5.5R5 or above |
| 105377 | Ransomware Activity: ABUSE.CH Ransomware/Cerber Onion Domain Lookup | 5.5R5 or above |
| 105369 | Trojan Activity: PolyglotDuke Domain Observed | 5.5R5 or above |
| 338423 | VICIdial 2.14-917a Remote Code Execution Vulnerability (CVE-2024-8504) | 5.5R5 or above |
| 105360 | Trojan Activity: Glupteba CnC Domain in DNS Lookup | 5.5R5 or above |
| 338430 | Ivanti Cloud Service Appliance Authenticated Command Injection Vulnerability (CVE-2024-8190) | 5.5R5 or above |

......

Updated Signature (1)

| Rule ID | Rule Name | StoneOS |
|---|---|---|
| 338317 | Apache-OFBiz Remote Code Execution Vulnerability (CVE-2024-38856) | 5.5R5 or above |