Rule Update
25-046 (2025年11月11日)
概要
* indicates a new version of an existing rule
Deep Packet Inspection Rules:
CentOS Web Panel
1012480 - CentOS Web Panel Command Injection Vulnerability (CVE-2025-48703)
Ivanti Endpoint Manager
1012211* - Ivanti Endpoint Manager SQL Injection Vulnerabilities (CVE-2024-32839 and CVE-2025-62387)
1012213* - Ivanti Endpoint Manager SQL Injection Vulnerabilities (CVE-2024-32841 and CVE-2025-62389)
JetBrains TeamCity
1012429* - JetBrains TeamCity Reflected Cross-Site Scripting Vulnerability (CVE-2025-52876)
Network Scanner
1008800* - Bypass Network Scanner Traffic
NodeBB
1012382* - NodeBB Stored Cross-Site Scripting Vulnerability (CVE-2024-57041)
Port Mapper Windows
1001033* - Windows Port Mapper Decoder
TFTP Client Decoder
1003526* - Enable TFTP Decoder
Web Application PHP Based
1012416* - WordPress 'AIT CSV Import/Export' Plugin Arbitrary File Upload Vulnerability (CVE-2020-36849)
Web Client Common
1004715* - HTTP Web Client Decoding
Web Server Adobe ColdFusion
1012406* - Adobe ColdFusion Stored Cross-Site Scripting Vulnerability (CVE-2025-49543)
Web Server Common
1012412* - Bypass Network Scanner Traffic - XFF
1000128* - HTTP Protocol Decoding
Web Server HTTPS
1012469 - WordPress 'Everest Forms' Plugin Unrestricted File Upload Vulnerability (CVE-2025-1128)
Windows Services RPC Client DCERPC
1007538* - Windows Client Port Mapper Decoder
Zoho ManageEngine ADSelfService Plus
1012393* - Zoho ManageEngine ADSelfService Plus SQL Injection Vulnerability (CVE-2025-3833)
Integrity Monitoring Rules:
1002853* - Application - Apache Tomcat
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.
Deep Packet Inspection Rules:
CentOS Web Panel
1012480 - CentOS Web Panel Command Injection Vulnerability (CVE-2025-48703)
Ivanti Endpoint Manager
1012211* - Ivanti Endpoint Manager SQL Injection Vulnerabilities (CVE-2024-32839 and CVE-2025-62387)
1012213* - Ivanti Endpoint Manager SQL Injection Vulnerabilities (CVE-2024-32841 and CVE-2025-62389)
JetBrains TeamCity
1012429* - JetBrains TeamCity Reflected Cross-Site Scripting Vulnerability (CVE-2025-52876)
Network Scanner
1008800* - Bypass Network Scanner Traffic
NodeBB
1012382* - NodeBB Stored Cross-Site Scripting Vulnerability (CVE-2024-57041)
Port Mapper Windows
1001033* - Windows Port Mapper Decoder
TFTP Client Decoder
1003526* - Enable TFTP Decoder
Web Application PHP Based
1012416* - WordPress 'AIT CSV Import/Export' Plugin Arbitrary File Upload Vulnerability (CVE-2020-36849)
Web Client Common
1004715* - HTTP Web Client Decoding
Web Server Adobe ColdFusion
1012406* - Adobe ColdFusion Stored Cross-Site Scripting Vulnerability (CVE-2025-49543)
Web Server Common
1012412* - Bypass Network Scanner Traffic - XFF
1000128* - HTTP Protocol Decoding
Web Server HTTPS
1012469 - WordPress 'Everest Forms' Plugin Unrestricted File Upload Vulnerability (CVE-2025-1128)
Windows Services RPC Client DCERPC
1007538* - Windows Client Port Mapper Decoder
Zoho ManageEngine ADSelfService Plus
1012393* - Zoho ManageEngine ADSelfService Plus SQL Injection Vulnerability (CVE-2025-3833)
Integrity Monitoring Rules:
1002853* - Application - Apache Tomcat
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.