WAF Signature V7-WAF-1.0.38

Release time: 2025-02-22
Download
Title Size Downloads
V7-WAF-1.0.38.dat 2.16 MB

Version number
V7-WAF-1.0.38

MD5 number
65092740a6988c26c45f6f29807a8f9d

Update time
2025-02-12

Update attack list

Key new rules:
------------------------------
49490 Backdoor.WebShell.Godzilla_TZB_Connect_Success_JSP_Chunk
---- Category: Vulnerability
---- Description:
---- Godzilla is an enhanced, new-generation tool developed by a security researcher, based on earlier tools such as China Chopper, Cknife and China AntSword. Because its communication data is encrypted with AES, this kind of tool is difficult to detect.

 

49493 Detected_BCEL_WebShell_Upload
---- Category: Vulnerability
---- Description:
---- This rule fires on excessive use of the code functions associated with BCEL webshells, which may indicate exploitation of deserialization vulnerabilities for remote loading. Legitimate business traffic that transmits code in plain text, or that accesses code hosted on websites, can also meet the rule's detection conditions. Investigate the legitimacy of the source and destination IP addresses further, based on the actual traffic.

 

49498 CVE-2024-11680_ProjectSend_Authentication_Bypass(php_webshell_upload_exploit)
---- Category: Vulnerability
---- Description:
---- ProjectSend versions prior to r1720 are affected by an improper authentication vulnerability. Remote, unauthenticated attackers can exploit this flaw by sending crafted HTTP requests to options.php, enabling unauthorized modification of the application's configuration. Successful exploitation allows attackers to create accounts, upload webshells, and embed malicious JavaScript.

 

49505 Detected_ScriptEngine_WebShell_Upload
---- Category: Vulnerability
---- Description:
---- This rule fires on excessive use of the code functions associated with ScriptEngine webshells, which may indicate exploitation of deserialization vulnerabilities for remote loading. Legitimate business traffic that transmits code in plain text, or that accesses code hosted on websites, can also meet the rule's detection conditions. Investigate the legitimacy of the source and destination IP addresses further, based on the actual traffic.
