25-043 (October 21, 2025)

* indicates a new version of an existing rule

Deep Packet Inspection Rules:

CyberPanel
1012300* - CyberPanel Command Injection Vulnerability (CVE-2024-51378)
1012299* - CyberPanel Remote Code Execution Vulnerability (CVE-2024-53376)


Ivanti Avalanche Remote Control Server
1012176* - Ivanti Avalanche Server-Side Request Forgery Vulnerability (CVE-2024-47008)


Ivanti Endpoint Manager
1012396* - Ivanti Endpoint Manager Credential Coercion Vulnerability (CVE-2024-13159)


JetBrains TeamCity
1012470 - JetBrains TeamCity Reflected Cross-Site Scripting Vulnerability (CVE-2025-54534)


Web Application Common
1009975* - Sonatype Nexus Repository Manager OS Command Injection Vulnerability (CVE-2019-5475)


Web Application PHP Based
1012400* - WordPress 'Kubio AI Page Builder' Plugin Local File Inclusion Vulnerability (CVE-2025-2294)
1012313* - WordPress 'Ultimate Exporter' Plugin Command Injection Vulnerability (CVE-2024-56278)


Web Server Apache
1012305* - Chamilo Command Injection Vulnerabilities (CVE-2023-34960 and CVE-2023-3368)


Web Server Miscellaneous
1012449* - XWiki SQL Injection Vulnerability (CVE-2025-32429)


Wing FTP Server
1012410* - Wing FTP Server Remote Code Execution Vulnerability (CVE-2025-47812)


Zoho ManageEngine ADAuditPlus
1012467 - Zoho ManageEngine ADAudit Plus SQL Injection Vulnerability (CVE-2025-36527)


Integrity Monitoring Rules:

There are no new or updated Integrity Monitoring Rules in this Security Update.


Log Inspection Rules:

There are no new or updated Log Inspection Rules in this Security Update.