IPS Signature Database Update
| Name | ips.sig | |||
| Version | 3.0.248 | |||
| StoneOS | Firewall 5.5R8P2 or above, and NIPS/IDS 5.5R5-3.5 or above, and BDS 5.5R8-3.3 or above | |||
| Release Date | 2025-03-17 | |||
| New Signature (10) |
Rule ID | Rule Name | StoneOS | Detail |
| 338735 | Juniper Junos Remote Code Execution Vulnerability (CVE-2023-36845) | 5.5R5 or above | click for more information | |
| 338732 | Roundcube Webmail im_convert_path Remote Code Execution Vulnerability (CVE-2020-12641) | 5.5R5 or above | click for more information | |
| 338742 | Apache Tomcat Remote Code Execution Vulnerability (CVE-2025-24813) | 5.0R4 or above | click for more information | |
| 338733 | Palo Alto Networks Expedition restoreAdmin.php Unauthenticated Admin Password Reset Vulnerability (CVE-2024-5910) | 5.0R4 or above | click for more information | |
| 505894 | Roundcube Webmail Persistent Cross Site Scripting Vulnerability (CVE-2024-37383) | 5.0R4 or above | click for more information | |
| 338730 | Zabbix Setup Configuration Authentication Bypass Vulnerability (CVE-2022-23134) | 5.5R8 or above | click for more information | |
| 338738 | Cisco IP Phones Web Server Denial of Service Vulnerability (CVE-2020-3161) | 5.5R4 or above | click for more information | |
| 338736 | Ivanti Avalanche Remote Control Server validateAMCWSConnection SSRF Vulnerability (CVE-2023-46262) | 5.0R4 or above | click for more information | |
| 338737 | Dahua IP Camera Loopback Authentication Bypass Vulnerability (CVE-2021-33045) | 5.0R4 or above | click for more information | |
| 338734 | Oracle Application Development Framework Deserialization Vulnerability (CVE-2022-21445) | 5.0R4 or above | click for more information | |
| Updated Signature (35) |
Rule ID | Rule Name | StoneOS | Detail |
| 306968 | Instantcms 'orderby' Parameter SQL Injection Vulnerability (CVE-2013-6839) | 5.0R4 or above | Click here for more information | |
| 332000 | FortiOS SSL VPN Pre-Auth Messages Payload Buffer Overflow Vulnerability (CVE-2018-13381) | 5.5R5 or above | Click here for more information | |
| 332916 | AlienVault USM and OSSIM 5.3.4/5.3.5 fqdn get_fqdn Command Injection Vulnerability | 5.5R5 or above | Click here for more information | |
| 333727 | Zoho ManageEngine ServiceDesk Plus Command Execution Vulnerability (CVE-2021-20081) | 5.0R4 or above | Click here for more information | |
| 333052 | PHP DateTimeZone Object timezone Unserialize Type Confusion Vulnerability | 5.5R5 or above | Click here for more information | |
| 336158 | Delta Industrial Automation DIAEnergie Stored Cross Site Scripting Vulnerability (CVE-2021-31558) | 5.5R5 or above | Click here for more information | |
| 336293 | Jenkins Plugin Matrix Project Plugin Stored Cross Site Scripting Vulnerability (CVE-2022-20615) | 5.5R5 or above | Click here for more information | |
| 306265 | GLPI Install.php Remote Command Execution Vulnerability -1 (CVE-2013-5696) | 5.5R5 or above | Click here for more information | |
| 334016 | Nagios XI Switch Wizard Remote Code Execution Vulnerability(CVE-2021-37344) | 5.5R5 or above | Click here for more information | |
| 310506 | Nagiosql Txtsearch Parameter Cross-site Scripting Vulnerability -2 (CVE-2013-6039) | 5.5R5 or above | Click here for more information | |
| 317296 | Trend Micro Threat Discovery Appliance Command Execution Vulnerability (CVE-2016-7547) | 5.5R5 or above | Click here for more information | |
| 319988 | Ipfire Ids.cgi OINKCODE Parameter Command Injection Vulnerability -2 (CVE-2017-9757) | 5.5R5 or above | Click here for more information | |
| 334110 | GitLab CE EE Branch Name Stored Cross Site Scripting Vulnerability (CVE-2021-22241) | 5.5R5 or above | Click here for more information | |
| 336552 | WordPress Modern Events Calendar Lite Plugin Stored Cross Site Scripting Vulnerability (CVE-2022-0364) | 5.5R5 or above | Click here for more information | |
| 333001 | VegaDNS axfr_get.php Command Injection Vulnerability | 5.5R5 or above | Click here for more information | |
| 333552 | Apache Struts OGNL Remote Code Execution Vulnerability (CVE-2019-0230) | 5.5R5 or above | Click here for more information | |
| 310128 | Symantec IM Manager Administrator Interface SQL Injection Vulnerability (CVE-2011-0553) | 5.5R5 or above | Click here for more information | |
| 332324 | Ipswitch WhatsUp Web Interface SQL Injection Vulnerability (CVE-2005-1250) | 5.5R5 or above | Click here for more information | |
| 333262 | Electric Sheep Fencing pfSense system_groupmanager.php Command Injection Vulnerability | 5.5R5 or above | Click here for more information | |
| 336226 | H2Console JDBC URL Arbitrary Code Execution Vulnerability (CVE-2022-23221) | 5.0R4 or above | Click here for more information | |
| ...... | ||||