WAF Rule Set Update Announcement
| Name | waf.sig | ||
| Version | 1.1.152 | ||
| StoneOS Version | 5.5R2-W-1.1 or above, BDS 5.5R8-3.4 or above | ||
| Release Date | 2022-8-18 | New Rules (1) |
Rule ID | Rule Name | Rule Details |
| 1070210263 | CVE-2022-24112: Apache APISIX Remote Code Execution Vulnerability | Click for Details | Updated Rules (12) |
Rule ID | Description | Ruel Details |
| 1000000059 | The Content-Type header is illegal in the HTTP Request | Click for Details | |
| 1070210055 | CVE-2017-9791: Apache Struts Bug in Struts 1 Plugin POST Remote Code Execute Vulnerability | Click for Details | |
| 1070210138 | CVE-2020-16875: Exchange Server Remote Code Execution | Click for Details | |
| 1070210157 | CVE-2021-26855: Microsoft Exchange Server-side Request Forge Vulnerability:PostXml | Click for Details | |
| 1070210158 | CVE-2021-21972: Vmware Vcenter Vsphere-UI Unauthenticated File Upload Vulnerability | Click for Details | |
| 1070210159 | CVE-2020-7200: HPE Systems Insight Manager AMF Deserialization Remote Code Execution Vulnerability | Click for Details | |
| 1070210160 | CVE-2021-26295: Apache OFBiz RMI Deserialization Vulnerability | Click for Details | |
| 1070210204 | CVE-2018-7600: Drupal Drupalgeddon2 Remote Code Execution Vulnerability | Click for Details | |
| 1070310146 | Infosec NSAE Remote Command Execution Vulnerability | Click for Details | |
| 1020410007 | Unix Command Injection-Common keyword. | Click for Details | |
| 1020410011 | Windows Command Injection-Common keyword. | Click for Details | |
| 1060110004 | Detecting nmap from request_body | Click for Details | |