Rule Update
25-029 (15 luglio 2025)
Descrizione
* indicates a new version of an existing rule
Deep Packet Inspection Rules:
DCERPC Services - Client
1012075* - Microsoft Windows MSHTML Platform Remote Code Execution Vulnerability Over SMB (CVE-2024-38112)
1005153* - Print Spooler Service Format String Vulnerability (CVE-2012-1851) II
DNS Client
1008571* - DNS Request To ShadowPad Domain Detection
Kubernetes Ingress-Nginx Controller
1012367 - Kubernetes Ingress-Nginx Multiple Code Injection Vulnerabilities
Redis Server
1012286* - Redis Use After Free Vulnerability (CVE-2024-46981)
Solr Service
1012280* - Apache Solr Authentication Bypass Vulnerability (CVE-2024-45216)
Web Application PHP Based
1012277* - LibreNMS Stored Cross-Site Scripting Vulnerability (CVE-2024-53457)
1012265* - WordPress 'White Label CMS' Plugin Reflected Cross-Site Scripting Vulnerability (CVE-2022-0422)
Web Client HTTPS
1010132* - Microsoft Windows CryptoAPI Spoofing Vulnerability (CVE-2020-0601) - 1
Web Server Adobe ColdFusion
1012404 - Adobe ColdFusion Stored Cross-Site Scripting Vulnerability (CVE-2025-49540)
Web Server Adobe ColdFusion AddOns
1012402 - Adobe ColdFusion XML External Entity Injection Vulnerability (CVE-2025-49538)
Web Server HTTPS
1012284* - Apache Traffic Control SQL Injection Vulnerability (CVE-2024-45387)
Web Server Miscellaneous
1008207* - Apache Struts2 Remote Code Execution Vulnerability (CVE-2017-5638)
1012398 - XWiki SQL Injection Vulnerability (CVE-2025-32969)
Windows Services RPC Client DCERPC
1012178* - Identified Windows DCERPC AUTH LEVEL CONNECT Windows Remote Registry Request
Windows Services RPC Server DCERPC
1010519* - Netlogon Elevation Of Privilege Vulnerability (Zerologon) (CVE-2020-1472)
Zoho ManageEngine ADSelfService Plus
1012393 - Zoho ManageEngine ADSelfService Plus SQL Injection Vulnerability (CVE-2025-3833)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.
Deep Packet Inspection Rules:
DCERPC Services - Client
1012075* - Microsoft Windows MSHTML Platform Remote Code Execution Vulnerability Over SMB (CVE-2024-38112)
1005153* - Print Spooler Service Format String Vulnerability (CVE-2012-1851) II
DNS Client
1008571* - DNS Request To ShadowPad Domain Detection
Kubernetes Ingress-Nginx Controller
1012367 - Kubernetes Ingress-Nginx Multiple Code Injection Vulnerabilities
Redis Server
1012286* - Redis Use After Free Vulnerability (CVE-2024-46981)
Solr Service
1012280* - Apache Solr Authentication Bypass Vulnerability (CVE-2024-45216)
Web Application PHP Based
1012277* - LibreNMS Stored Cross-Site Scripting Vulnerability (CVE-2024-53457)
1012265* - WordPress 'White Label CMS' Plugin Reflected Cross-Site Scripting Vulnerability (CVE-2022-0422)
Web Client HTTPS
1010132* - Microsoft Windows CryptoAPI Spoofing Vulnerability (CVE-2020-0601) - 1
Web Server Adobe ColdFusion
1012404 - Adobe ColdFusion Stored Cross-Site Scripting Vulnerability (CVE-2025-49540)
Web Server Adobe ColdFusion AddOns
1012402 - Adobe ColdFusion XML External Entity Injection Vulnerability (CVE-2025-49538)
Web Server HTTPS
1012284* - Apache Traffic Control SQL Injection Vulnerability (CVE-2024-45387)
Web Server Miscellaneous
1008207* - Apache Struts2 Remote Code Execution Vulnerability (CVE-2017-5638)
1012398 - XWiki SQL Injection Vulnerability (CVE-2025-32969)
Windows Services RPC Client DCERPC
1012178* - Identified Windows DCERPC AUTH LEVEL CONNECT Windows Remote Registry Request
Windows Services RPC Server DCERPC
1010519* - Netlogon Elevation Of Privilege Vulnerability (Zerologon) (CVE-2020-1472)
Zoho ManageEngine ADSelfService Plus
1012393 - Zoho ManageEngine ADSelfService Plus SQL Injection Vulnerability (CVE-2025-3833)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.