Rule Update
25-039 (2025年9月23日)
2025年9月23日
概要
* indicates a new version of an existing rule
Deep Packet Inspection Rules:
CyberPanel
1012196* - CyberPanel Remote Code Execution Vulnerability (CVE-2024-51567)
Ivanti Endpoint Manager
1012245* - Ivanti Endpoint Manager SQL Injection Vulnerability (CVE-2024-34783)
Web Application PHP Based
1012243* - MediaWiki CSS Extension Path Traversal Vulnerability (CVE-2024-47841)
Web Application Tomcat
1012251* - LibreNMS Command Injection Vulnerability (CVE-2024-51092)
Web Client HTTPS
1012446 - Adobe ColdFusion Directory Traversal Vulnerability (CVE-2025-54261)
1012450 - Identified NPM Supply Chain Data Exfiltration Attack (Shai-hulud)
1012440 - Microsoft Windows WMPhoto Heap Buffer Overflow Vulnerability (CVE-2025-29962)
Web Server HTTPS
1012448 - Microsoft Windows KDC Proxy Use After Free Vulnerability (CVE-2025-33071)
1012453 - Sitecore Experience Manager and Platform Cache Poisoning Vulnerability (CVE-2025-53693)
Web Server Miscellaneous
1012258* - XWiki Information Disclosure Vulnerability (CVE-2023-50719)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.
Deep Packet Inspection Rules:
CyberPanel
1012196* - CyberPanel Remote Code Execution Vulnerability (CVE-2024-51567)
Ivanti Endpoint Manager
1012245* - Ivanti Endpoint Manager SQL Injection Vulnerability (CVE-2024-34783)
Web Application PHP Based
1012243* - MediaWiki CSS Extension Path Traversal Vulnerability (CVE-2024-47841)
Web Application Tomcat
1012251* - LibreNMS Command Injection Vulnerability (CVE-2024-51092)
Web Client HTTPS
1012446 - Adobe ColdFusion Directory Traversal Vulnerability (CVE-2025-54261)
1012450 - Identified NPM Supply Chain Data Exfiltration Attack (Shai-hulud)
1012440 - Microsoft Windows WMPhoto Heap Buffer Overflow Vulnerability (CVE-2025-29962)
Web Server HTTPS
1012448 - Microsoft Windows KDC Proxy Use After Free Vulnerability (CVE-2025-33071)
1012453 - Sitecore Experience Manager and Platform Cache Poisoning Vulnerability (CVE-2025-53693)
Web Server Miscellaneous
1012258* - XWiki Information Disclosure Vulnerability (CVE-2023-50719)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.