Rule Update
25-043 (2025年10月21日)
2025年10月21日
概要
* indicates a new version of an existing rule
Deep Packet Inspection Rules:
CyberPanel
1012300* - CyberPanel Command Injection Vulnerability (CVE-2024-51378)
1012299* - CyberPanel Remote Code Execution Vulnerability (CVE-2024-53376)
Ivanti Avalanche Remote Control Server
1012176* - Ivanti Avalanche Server-Side Request Forgery Vulnerability (CVE-2024-47008)
Ivanti Endpoint Manager
1012396* - Ivanti Endpoint Manager Credential Coercion Vulnerability (CVE-2024-13159)
JetBrains TeamCity
1012470 - JetBrains TeamCity Reflected Cross-Site Scripting Vulnerability (CVE-2025-54534)
Web Application Common
1009975* - Sonatype Nexus Repository Manager OS Command Injection Vulnerability (CVE-2019-5475)
Web Application PHP Based
1012400* - WordPress 'Kubio AI Page Builder' Plugin Local File Inclusion Vulnerability (CVE-2025-2294)
1012313* - WordPress 'Ultimate Exporter' Plugin Command Injection Vulnerability (CVE-2024-56278)
Web Server Apache
1012305* - Chamilo Command Injection Vulnerabilities (CVE-2023-34960 and CVE-2023-3368)
Web Server Miscellaneous
1012449* - XWiki SQL Injection Vulnerability (CVE-2025-32429)
Wing FTP Server
1012410* - Wing FTP Server Remote Code Execution Vulnerability (CVE-2025-47812)
Zoho ManageEngine ADAuditPlus
1012467 - Zoho ManageEngine ADAudit Plus SQL Injection Vulnerability (CVE-2025-36527)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.
Deep Packet Inspection Rules:
CyberPanel
1012300* - CyberPanel Command Injection Vulnerability (CVE-2024-51378)
1012299* - CyberPanel Remote Code Execution Vulnerability (CVE-2024-53376)
Ivanti Avalanche Remote Control Server
1012176* - Ivanti Avalanche Server-Side Request Forgery Vulnerability (CVE-2024-47008)
Ivanti Endpoint Manager
1012396* - Ivanti Endpoint Manager Credential Coercion Vulnerability (CVE-2024-13159)
JetBrains TeamCity
1012470 - JetBrains TeamCity Reflected Cross-Site Scripting Vulnerability (CVE-2025-54534)
Web Application Common
1009975* - Sonatype Nexus Repository Manager OS Command Injection Vulnerability (CVE-2019-5475)
Web Application PHP Based
1012400* - WordPress 'Kubio AI Page Builder' Plugin Local File Inclusion Vulnerability (CVE-2025-2294)
1012313* - WordPress 'Ultimate Exporter' Plugin Command Injection Vulnerability (CVE-2024-56278)
Web Server Apache
1012305* - Chamilo Command Injection Vulnerabilities (CVE-2023-34960 and CVE-2023-3368)
Web Server Miscellaneous
1012449* - XWiki SQL Injection Vulnerability (CVE-2025-32429)
Wing FTP Server
1012410* - Wing FTP Server Remote Code Execution Vulnerability (CVE-2025-47812)
Zoho ManageEngine ADAuditPlus
1012467 - Zoho ManageEngine ADAudit Plus SQL Injection Vulnerability (CVE-2025-36527)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.