IPS Signature Database Update
| Name | ips.sig |
| Version | 3.0.271 |
| StoneOS | Firewall 5.5R8P2 or above, and NIPS/IDS 5.5R5-3.5 or above, and BDS 5.5R8-3.3 or above |
| Release Date | 2025-08-25 |
| New Signature (24) |
| Rule ID | Rule Name | StoneOS | Detail |
| 717164 | Suspicious C2 Stage Detection - TCP Download | 5.0R4 or above | click for more information |
| 339383 | Esafenet CDG API WorkFlowAction SQL Injection Vulnerability | 5.5R5 or above | click for more information |
| 339393 | Hwzy99 Smart Park Platform getGroupEmployee.do SQL Injection Vulnerability | 5.5R5 or above | click for more information |
| 339390 | Hwzy99 Smart Park Platform queryAlarmEvent.do SQL Injection Vulnerability | 5.5R5 or above | click for more information |
| 339386 | Bianque Medical System GetLyfsByParams SQL Injection Vulnerability | 5.5R5 or above | click for more information |
| 339396 | Acrel Intelligent Environmental Protection Cloud Platform API getmonitorrealdata SQL Injection Vulnerability | 5.0R4 or above | click for more information |
| 339382 | Esafenet CDG API HookWhiteListservice SQL Injection Vulnerability | 5.5R5 or above | click for more information |
| 339392 | Thunis Electronic Archives Management system download.html Arbitrary File Read Vulnerability | 5.5R5 or above | click for more information |
| 339389 | Kingdee Apusic Application Server loadTree JNDI Injection Vulnerability | 5.5R5 or above | click for more information |
| 339399 | Tool Supershell Detection - HTTP Login | 5.5R5 or above | click for more information |
| 717166 | Tool Supershell Detection - SSH Tunnel Connection | 5.5R5 or above | click for more information |
| 339385 | Topvision Yibao OA API getPosition SQL Injection Vulnerability | 5.5R5 or above | click for more information |
| 339395 | Weaver OA API remarkOperate Remote Command Execution Vulnerability | 5.0R4 or above | click for more information |
| 339381 | Yonyou Chanjet CRM newleadset.php SQL Injection Vulnerability | 5.5R5 or above | click for more information |
| 339388 | Lenovo Cloud Disk API write Arbitrary File Upload Vulnerability | 5.5R5 or above | click for more information |
| 339398 | Suspicious SSH-over-WebSocket Tunnel Detection | 5.0R4 or above | click for more information |
| 339384 | Hwzy99 Smart Park Platform getDoors.do SQL Injection Vulnerability | 5.5R5 or above | click for more information |
| 339394 | Inspur GS PurBidSupplementSrv.asmx Arbitrary File Read Vulnerability | 5.5R5 or above | click for more information |
| 717165 | Tool Viper Detection - TCP KeepAlive | 5.5R5 or above | click for more information |
| 339380 | Qiyuesuo Signature And Seal System API dbtest Remote Command Execution Vulnerability | 5.0R4 or above | click for more information |
| ...... |
| Updated Signature (65) |
| Rule ID | Rule Name | StoneOS | Detail |
| 334447 | Mining Activity[Multi Currency]: Trojan Win.Trojan.Vectecoin Coin Mining Program Download Attempt | 5.5R5 or above | Click here for more information |
| 714741 | Mining Activity[Multi Currency]: CoinMiner Known Malicious Stratum Authline | 5.5R5 or above | Click here for more information |
| 714762 | Mining Activity[Multi Currency]: Crypto CoinMiner Login | 5.5R5 or above | Click here for more information |
| 334893 | SQL Injection Detection - Boolean Injection 9 | 5.5R5 or above | Click here for more information |
| 714732 | Mining Activity[BitCoin]: W32/BitCoinMiner.MultiThreat Subscribe/Authorize Stratum Protocol Message | 5.5R5 or above | Click here for more information |
| 332651 | Mining Activity[Monero]: Adylkuzz CnC Beacon 4 | 5.5R5 or above | Click here for more information |
| 332699 | Mining Activity[Multi Currency]: ELF/Lady.G Connectivity Check | 5.5R5 or above | Click here for more information |
| 714771 | Mining Activity[Multi Currency]: CoinMiner Known Malicious Stratum Authline | 5.5R5 or above | Click here for more information |
| 714718 | Mining Activity[Multi Currency]: CoinMiner Known Malicious Stratum Authline | 5.5R5 or above | Click here for more information |
| 332716 | Mining Activity[Monero]: Observed Coin-Hive In Browser Mining Domain | 5.5R5 or above | Click here for more information |
| 332678 | Mining Activity[Multi Currency]: Clipsa Stealer - Coinminer Download | 5.5R5 or above | Click here for more information |
| 332765 | Mining Activity[Multi Currency]: MSIL/Agent.RZW CoinMiner CnC Activity | 5.5R5 or above | Click here for more information |
| 715402 | Mining Activity[Ether]: Ethereum Work Submit | 5.5R5 or above | Click here for more information |
| 714749 | Mining Activity[Multi Currency]: CoinMiner Known Malicious Stratum Authline | 5.5R5 or above | Click here for more information |
| 334435 | Mining Activity[Multi Currency]: CPUMiner Detection | 5.5R5 or above | Click here for more information |
| 334446 | Mining Activity[Multi Currency]: Win.Trojan.Minerd Download Detection | 5.5R5 or above | Click here for more information |
| 714740 | Mining Activity[Multi Currency]: Trojan.Win32.Blouiroet CnC - Reporting Miner Status | 5.5R5 or above | Click here for more information |
| 332761 | Mining Activity[Multi Currency]: MyKings Bootloader Variant Requesting Payload M1 | 5.5R5 or above | Click here for more information |
| 334764 | Cross-site Scripting Detection - In URI 112 | 5.5R5 or above | Click here for more information |
| 332771 | Mining Activity[Multi Currency]: JKDDOS Download ddos.exe | 5.5R5 or above | Click here for more information |
| ...... |