IPS Signature Database Update
Name | ips.sig |
Version | 2.1.601 |
StoneOS | StoneOS 5.0R4F3.1 or above |
Release Date | 2025-04-07 |
New Signature (31) |
Rule ID | Rule Name | StoneOS | Detail |
338776 | Gradio proxy SSRF Vulnerability (CVE-2023-34239) | 5.0R4 or above | click for more information |
105464 | Ransomware Activity: DNS Query to Cerber Domain | 5.5R5 or above | click for more information |
332675 | Trojan Activity: PowerShell Base64 Encoded Content Command Common In Powershell Stagers M1 | 5.5R5 or above | click for more information |
338774 | Gradio Path Traversal Vulnerability (CVE-2024-0964 CVE-2024-1728) | 5.5R5 or above | click for more information |
105463 | Ransomware Activity: DNS Query to Cerber Domain | 5.5R5 or above | click for more information |
338782 | Gradio Path Traversal Vulnerability (CVE-2024-1561) | 5.0R4 or above | click for more information |
338781 | Gradio Local Files Include Vulnerability (CVE-2024-4941) | 5.5R5 or above | click for more information |
105471 | Ransomware Activity: Cerber Domain Observed | 5.5R5 or above | click for more information |
332674 | Trojan Activity: Possible Darkhotel Higasia Downloader Checkin | 5.0R4 or above | click for more information |
105475 | Ransomware Activity: Cerber Domain Observed | 5.5R5 or above | click for more information |
105462 | Ransomware Activity: DNS Query to Cerber Domain | 5.5R5 or above | click for more information |
105467 | Trojan Activity: Inter Skimmer CnC Domain in DNS Lookup | 5.5R5 or above | click for more information |
714744 | Trojan Activity: PowerShell Base64 Encoded Content Command Common In Powershell Stagers M2 | 5.5R5 or above | click for more information |
105473 | Ransomware Activity: DNS Query to Cerber Domain | 5.5R5 or above | click for more information |
338780 | Jupyter Server proxy Server Side Request Forgery Vulnerability (CVE-2022-21697) | 5.5R8 or above | click for more information |
338769 | CrushFTP Authentication Bypass Vulnerability (CVE-2025-2825) | 5.5R5 or above | click for more information |
105470 | Trojan Activity: BrushaLoader CnC DNS Lookup | 5.5R5 or above | click for more information |
105474 | Ransomware Activity: Generic DNS Query for Suspicious CryptoWall (crpt) Domains | 5.5R5 or above | click for more information |
105466 | Trojan Activity: Inter Skimmer CnC Domain in DNS Lookup | 5.5R5 or above | click for more information |
332673 | Trojan Activity: PowerShell NonInteractive Command Common In Powershell Stagers | 5.5R5 or above | click for more information |
...... | ||||
Updated Signature (56) |
Rule ID | Rule Name | StoneOS | Detail |
337944 | Workout Journal App 1.0 Stored XSS Vulnerability (CVE-2024-24050) | 5.5R5 or above | Click here for more information |
324079 | TerraMaster TOS Remote Code Execution Vulnerability (CVE-2017-9328) | 5.5R5 or above | Click here for more information |
330956 | Z-Blog 1.5.1.1740 XSS Vulnerability (CVE-2018-7736) | 5.5R5 or above | Click here for more information |
338051 | FreePBX 16 Remote Code Execution Vulnerability | 5.5R5 or above | Click here for more information |
323757 | Webmin Package Updates Remote Command Execution Vulnerability (CVE-2019-12840) | 5.0R4 or above | Click here for more information |
330900 | vBulletin 5.x widget_tabbedcontainer_tab_panel PHP remote code execution Vulnerability (CVE-2020-17496) | 5.5R5 or above | Click here for more information |
336619 | Webshell Tool Antsword Detection - PHP Webshell Communication | 5.0R4 or above | Click here for more information |
322059 | DataLife Engine 9.7 Remote Code Execution Vulnerability (CVE-2013-1412) | 5.5R5 or above | Click here for more information |
323912 | ManageEngine OpManager Remote Code Execution Vulnerability (CVE-2015-7765) | 5.0R4 or above | Click here for more information |
324198 | Tecnovision DlxSpot SQL Injection Vulnerability (CVE-2017-12930) | 5.5R5 or above | Click here for more information |
322892 | Zoho ManageEngine Applications Manager 13.5 - Command Injection Vulnerability (CVE-2018-7890) | 5.5R5 or above | Click here for more information |
324379 | Wordpress Plugin Appointment Booking Calendar CSV Injection Vulnerability (CVE-2020-9372) | 5.5R5 or above | Click here for more information |
323779 | Pimcore Unserialize Remote Code Execution Vulnerability (CVE-2019-10867) | 5.0R4 or above | Click here for more information |
323863 | Mailcleaner Remote Code Execution Vulnerability (CVE-2018-20323) | 5.5R5 or above | Click here for more information |
330602 | SharePoint DataSet DataTable Deserialization Vulnerability (CVE-2020-1147) | 5.0R4 or above | Click here for more information |
336498 | Gitlab OAuth Hard Coded Password Vulnerability (CVE-2022-1162) | 5.5R5 or above | Click here for more information |
330014 | Barco WePresent file_transfer.cgi Command Injection Vulnerability (CVE-2019-3929) | 5.0R4 or above | Click here for more information |
330069 | D-Link unauthenticated command injection vulnerability (CVE-2019-16920) | 5.5R5 or above | Click here for more information |
323935 | Wordpress Plainview Activity Monitor Remote Code Execution Vulnerability (CVE-2018-15877) | 5.5R5 or above | Click here for more information |
330003 | EyesOfNetwork AutoDiscovery Target Nmap Privilege Escalation Vulnerability (CVE-2020-8655) | 5.5R5 or above | Click here for more information |
...... | ||||