ruleUpdate
25-012 (25 mars 2025)
Description
* indicates a new version of an existing rule
Deep Packet Inspection Rules:
CyberPanel
1012299 - CyberPanel Remote Code Execution Vulnerability (CVE-2024-53376)
DCERPC Services - Client
1012183* - Microsoft Windows LNK File UI Misrepresentation Vulnerability Over SMB (ZDI-25-148)
Directory Client LDAP TCP
1012276* - Microsoft Windows LDAP Integer Overflow Vulnerability (CVE-2024-49112)
HPE Insight Remote Support
1012317 - HPE Insight Remote Support XML External Entity Injection Vulnerability (CVE-2024-53675)
Web Application Common
1012324 - Vercel Next.js Authorization Bypass Vulnerability (CVE-2025-29927)
Web Application PHP Based
1012285 - Clinic's Patient Management System Remote Code Execution Vulnerability (CVE-2022-40471)
1012307 - WordPress 'Tutor LMS' Plugin SQL Injection Vulnerability (CVE-2024-10400)
Web Client Common
1012182* - Microsoft Windows LNK File UI Misrepresentation Vulnerability Over HTTP (ZDI-25-148)
Web Server HTTPS
1012319 - Centreon SQL Injection Vulnerability (CVE-2024-55573)
1012066* - PHP-CGI Argument Injection Vulnerability (CVE-2024-4577)
1012320 - WordPress 'KiviCare' Plugin SQL Injection Vulnerability (CVE-2024-11728)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.
Deep Packet Inspection Rules:
CyberPanel
1012299 - CyberPanel Remote Code Execution Vulnerability (CVE-2024-53376)
DCERPC Services - Client
1012183* - Microsoft Windows LNK File UI Misrepresentation Vulnerability Over SMB (ZDI-25-148)
Directory Client LDAP TCP
1012276* - Microsoft Windows LDAP Integer Overflow Vulnerability (CVE-2024-49112)
HPE Insight Remote Support
1012317 - HPE Insight Remote Support XML External Entity Injection Vulnerability (CVE-2024-53675)
Web Application Common
1012324 - Vercel Next.js Authorization Bypass Vulnerability (CVE-2025-29927)
Web Application PHP Based
1012285 - Clinic's Patient Management System Remote Code Execution Vulnerability (CVE-2022-40471)
1012307 - WordPress 'Tutor LMS' Plugin SQL Injection Vulnerability (CVE-2024-10400)
Web Client Common
1012182* - Microsoft Windows LNK File UI Misrepresentation Vulnerability Over HTTP (ZDI-25-148)
Web Server HTTPS
1012319 - Centreon SQL Injection Vulnerability (CVE-2024-55573)
1012066* - PHP-CGI Argument Injection Vulnerability (CVE-2024-4577)
1012320 - WordPress 'KiviCare' Plugin SQL Injection Vulnerability (CVE-2024-11728)
Integrity Monitoring Rules:
There are no new or updated Integrity Monitoring Rules in this Security Update.
Log Inspection Rules:
There are no new or updated Log Inspection Rules in this Security Update.