25-035 (August 26, 2025)

* indicates a new version of an existing rule

Deep Packet Inspection Rules:

Adobe Experience Manager
1012427 - Adobe Experience Manager Remote Code Execution Vulnerability (CVE-2025-54253)


CyberPanel
1012196* - CyberPanel Remote Code Execution Vulnerability (CVE-2024-51567)


GhostCMS
1012434 - Ghost CMS Directory Traversal Vulnerability (CVE-2023-32235)


Ivanti Endpoint Manager
1012345* - Ivanti Endpoint Manager SQL Injection Vulnerability (CVE-2025-22461)


JetBrains TeamCity
1012429 - JetBrains TeamCity Reflected Cross-Site Scripting Vulnerability (CVE-2025-52876)


Mail Server Common
1012173* - Roundcube Webmail Stored Cross-Site Scripting Vulnerability (CVE-2024-42009)


Web Application PHP Based
1012247* - WordPress 'Super Backup & Clone' Plugin Arbitrary File Upload Vulnerability (CVE-2024-9290)


Web Application Tomcat
1012251* - LibreNMS Command Injection Vulnerability (CVE-2024-51092)


Web Server HTTPS
1012353* - Cacti SQL Injection Vulnerability (CVE-2024-54146)
1012233* - WordPress 'FundEngine Donation and Crowdfunding Platform' SQL Injection Vulnerability (CVE-2022-0788)
1012320* - WordPress 'KiviCare' Plugin SQL Injection Vulnerability (CVE-2024-11728)
1012224* - WordPress 'Really Simple Security' Plugin Authentication Bypass Vulnerability (CVE-2024-10924)
1012223* - WordPress Core Deserialization of Untrusted Data Remote Code Execution Vulnerability (CVE-2024-31210)
1012365* - Zabbix SQL Injection Vulnerability (CVE-2024-36465)


Web Server Nagios
1012329* - Nagios XI SQL Injection Vulnerability (CVE-2023-48084)


Integrity Monitoring Rules:

There are no new or updated Integrity Monitoring Rules in this Security Update.


Log Inspection Rules:

1012433 - Group Managed Service Account Password Access Attempt
1002795* - Microsoft Windows Events