IPS Signature Database Update

Name	ips.sig
Version	3.0.243
StoneOS	Firewall 5.5R8P2 or above, and NIPS/IDS 5.5R5-3.5 or above, and BDS 5.5R8-3.3 or above
Release Date	2025-02-10
New Signature (10)	Rule ID	Rule Name	StoneOS	Detail
	338658	Founder Changxiang All Media News Editing System imageProxy.do Arbitrary file read vulnerability	5.0R4 or above	click for more information
	338659	Weaver E-office9 Arbitrary File Upload vulnerability (CVE-2023-2523)	5.0R4 or above	click for more information
	338656	Fastjson 1.2.83 Remote Code Execution Vulnerability (CVE-2022-25845)	5.0R4 or above	click for more information
	338666	Zabbix Authentication Bypass Vulnerability (CVE-2019-17382)	5.0R4 or above	click for more information
	338657	Kuaiyun Server Assistant GetDetail Arbitrary File Read Vulnerability	5.0R4 or above	click for more information
	338667	kkFileView 4.1.0 Server-Side Request Forgery Vulnerability (CVE-2022-43140)	5.5R8 or above	click for more information
	338664	Elfinder 2.1.58 Arbitrary File Upload Vulnerability (CVE-2021-32682)	5.0R4 or above	click for more information
	338665	Tongda OA v11.6 insert Interface SQL Injection Vulnerability	5.0R4 or above	click for more information
	338662	Cloudlog System request_form SQL Injection Vulnerability	5.5R5 or above	click for more information
	338661	Ejinshan Terminal Security System V9.0 Privilege Bypass Vulnerability	5.0R4 or above	click for more information
Updated Signature (13)	Rule ID	Rule Name	StoneOS	Detail
	337039	Tool Juice-Shop XSS Vulnerability Detected	5.5R8 or above	Click here for more information
	333612	Tongda OA v11.9 SQL Injection Vulnerability	5.5R5 or above	Click here for more information
	332982	Nagios XI Alert Cloud Cross-Site Scripting Vulnerability	5.0R4 or above	Click here for more information
	336534	Western Digital My Cloud Pro Series PR2100 Remote Code Execution Vulnerability	5.5R5 or above	Click here for more information
	337773	Zfsoft CreateCaFile Remote Code Execution Vulnerability	5.0R4 or above	Click here for more information
	338450	Yonyou U8 leadconversion.php SQL Injection Vulnerability	5.5R8 or above	Click here for more information
	336842	SimpleHTTP Server Transfer Detection	5.0R4 or above	Click here for more information
	338571	Ivanti Avalanche SmartDeviceServer XXE Vulnerability (CVE-2024-38653)	5.0R4 or above	Click here for more information
	338642	Digital China DCN online_list.php Arbitrary File Read Vulnerability	5.0R4 or above	Click here for more information
	337289	PHP Temporary Files Inclusion Vulnerability	5.5R5 or above	Click here for more information
	338640	Mlflow Arbitrary File Read Vulnerability (CVE-2024-8859)	5.0R4 or above	Click here for more information
	338641	Landry Multiple Endpoint Arbitrary File Read Vulnerability	5.5R5 or above	Click here for more information
	338533	Lunary 1.4.2 SQL Injection Vulnerability (CVE-2024-7456)	5.5R5 or above	Click here for more information