IPS Signature Database Update
Name | ips.sig
Version | 2.1.598
StoneOS | StoneOS 5.0R4F3.1 or above
Release Date | 2025-03-17
New Signature (27)
Rule ID | Rule Name | StoneOS
105379 | Ransomware Activity: TeslaCrypt/AlphaCrypt Payment DNS Lookup | 5.5R5 or above
338733 | Palo Alto Networks Expedition restoreAdmin.php Unauthenticated Admin Password Reset Vulnerability (CVE-2024-5910) | 5.0R4 or above
505894 | Roundcube Webmail Persistent Cross Site Scripting Vulnerability (CVE-2024-37383) | 5.0R4 or above
105393 | Ransomware Activity: DNS Query to Cerber Domain | 5.5R5 or above
105391 | Ransomware Activity: CryptoWall .onion Proxy Domain (7oqnsnzwwnm6zb7y) | 5.5R5 or above
332585 | Ransomware Activity: Jaff Ransomware Checkin | 5.5R5 or above
105382 | Ransomware Activity: Ransomware/Cerber Onion Domain Lookup | 5.5R5 or above
105396 | Ransomware Activity: Ransomware Locky .onion Payment Domain (mphtadhci5mrdlju) | 5.5R5 or above
338732 | Roundcube Webmail im_convert_path Remote Code Execution Vulnerability (CVE-2020-12641) | 5.5R5 or above
338742 | Apache Tomcat Remote Code Execution Vulnerability (CVE-2025-24813) | 5.0R4 or above
105392 | Ransomware Activity: TeslaCrypt/AlphaCrypt Variant .onion Proxy Domain | 5.5R5 or above
105390 | Ransomware Activity: Ransomware/Cerber Onion Domain Lookup | 5.5R5 or above
105381 | Ransomware Activity: DNS Query to Cerber Domain | 5.5R5 or above
338738 | Cisco IP Phones Web Server Denial of Service Vulnerability (CVE-2020-3161) | 5.5R4 or above
338735 | Juniper Junos Remote Code Execution Vulnerability (CVE-2023-36845) | 5.5R5 or above
105389 | Ransomware Activity: Ransomware/Cerber Onion Domain Lookup | 5.5R5 or above
105380 | Ransomware Activity: Ransomware Locky .onion Payment Domain (5n7y4yihirccftc5) | 5.5R5 or above
105395 | Ransomware Activity: Locky .onion Payment Domain | 5.5R5 or above
105385 | Ransomware Activity: TeslaCrypt/AlphaCrypt Variant .onion Proxy Domain | 5.5R5 or above
338737 | Dahua IP Camera Loopback Authentication Bypass Vulnerability (CVE-2021-33045) | 5.0R4 or above
......
Updated Signature (20)
Rule ID | Rule Name | StoneOS
332808 | HP SiteScope integrationViewer Default Credentials Vulnerability | 5.5R5 or above
336226 | H2Console JDBC URL Arbitrary Code Execution Vulnerability (CVE-2022-23221) | 5.0R4 or above
330019 | Multiple DrayTek Products Pre-authentication Remote Code Execution Vulnerability (CVE-2020-8515) | 5.5R5 or above
333727 | Zoho ManageEngine ServiceDesk Plus Command Execution Vulnerability (CVE-2021-20081) | 5.0R4 or above
332000 | FortiOS SSL VPN Pre-Auth Messages Payload Buffer Overflow Vulnerability (CVE-2018-13381) | 5.5R5 or above
336631 | Zoho ManageEngine ServiceDesk Plus Cross Site Scripting Vulnerability (CVE-2021-46065) | 5.5R5 or above
333001 | VegaDNS axfr_get.php Command Injection Vulnerability | 5.5R5 or above
319988 | Ipfire Ids.cgi OINKCODE Parameter Command Injection Vulnerability -2 (CVE-2017-9757) | 5.5R5 or above
334110 | GitLab CE EE Branch Name Stored Cross Site Scripting Vulnerability (CVE-2021-22241) | 5.5R5 or above
336552 | WordPress Modern Events Calendar Lite Plugin Stored Cross Site Scripting Vulnerability (CVE-2022-0364) | 5.5R5 or above
334016 | Nagios XI Switch Wizard Remote Code Execution Vulnerability (CVE-2021-37344) | 5.5R5 or above
334153 | Jenkins Active Choices Plugin Cross Site Scripting Vulnerability (CVE-2021-21699) | 5.5R5 or above
333052 | PHP DateTimeZone Object timezone Unserialize Type Confusion Vulnerability | 5.5R5 or above
336158 | Delta Industrial Automation DIAEnergie Stored Cross Site Scripting Vulnerability (CVE-2021-31558) | 5.5R5 or above
332916 | AlienVault USM and OSSIM 5.3.4/5.3.5 fqdn get_fqdn Command Injection Vulnerability | 5.5R5 or above
333552 | Apache Struts OGNL Remote Code Execution Vulnerability (CVE-2019-0230) | 5.5R5 or above
305332 | HP OpenView NetworknnmRptConfig.exe schd_select1 Remote Code Execution Vulnerability (CVE-2011-0269) | 5.5R4 or above
336798 | Jenkins JUnit Plugin Stored Cross Site Scripting Vulnerability (CVE-2022-34176) | 5.5R5 or above
333262 | Electric Sheep Fencing pfSense system_groupmanager.php Command Injection Vulnerability | 5.5R5 or above
336293 | Jenkins Plugin Matrix Project Plugin Stored Cross Site Scripting Vulnerability (CVE-2022-20615) | 5.5R5 or above
......