WAF Rule Set Update Announcement
| Name | waf.sig | ||
| Version | 1.1.163 | ||
| StoneOS Version | 5.5R2-W-1.1 or above, BDS 5.5R8-3.4 or above | ||
| Release Date | 2023-4-10 | New Rules (6) |
Rule ID | Rule Name | Rule Details |
| 1070010033 | Windows HTTP Protocol Stack Remote Code Execution Vulnerability | Click for Details | |
| 1070210283 | WordPress Elementor Pro Plugin Access Control Vulnerability | Click for Details | |
| 1070210280 | SaltStack Unauthenticated Arbitrary File Wirte Vulnerability | Click for Details | |
| 1070210281 | Nexus Repository Manager 3 Remote Code Execution Vulnerability | Click for Details | |
| 1070210282 | VMware vRealize Operation Server-side Request Forge Vulnerability | Click for Details | |
| 1070310180 | Nacos Authentication Bypass Vulnerability | Click for Details | Updated Rules (51) |
Rule ID | Description | Ruel Details |
| 1070310001 | CVE-2016-5385: PHP HTTP_PROXY Enviroment Variables Vulnerability | Click for Details | |
| 1070310002 | CVE-2002-0882: Cisco VoIP Phone Denial of Service Vulnerability | Click for Details | |
| 1070310020 | CVE-2013-0625: Adobe ColdFusion scheduleedit.cfm Authentication Bypass Vulnerability | Click for Details | |
| 1070310021 | CVE-2015-2509: Microsoft Windows Media Center MCL Code Execution Vulnerability | Click for Details | |
| 1070310023 | CVE-2016-0711: Apache Jetspeed PageManagementService Cross-Site Scripting Vulnerability | Click for Details | |
| 1070310041 | CVE-2018-5712: PHP Input Validation Flaw in PHAR 404 Error Page Cross-site Scripting Attacks Vulnerability | Click for Details | |
| 1070310043 | CVE-2016-0490: Oracle Application Testing Suite Component Security Vulnerability | Click for Details | |
| 1070310044 | CVE-2017-0378: Phamm Cross-site Scripting Vulnerability | Click for Details | |
| 1070310046 | CVE-2018-6389: Wordpress load-scripts.php Lets Remote Users Consume Excessive I/O Resoures and Denial of Service Vulnerability | Click for Details | |
| 1070310047 | CVE-2010-0738: RedHat JBoss Enterprise Application Platform JMX Console Authentication Bypass | Click for Details | |
| 1070310048 | RedHat JBoss Enterprise Application Platform JMX Vulnerability | Click for Details | |
| 1070310067 | CVE-2017-12635: Apache CouchDB Remote Privilege Escalation Vulnerability | Click for Details | |
| 1070310075 | CVE-2016-0024: Microsoft Edge Memory Corruption Flaws Lets Remote Users Execute Arbitrary Code Vulnerability | Click for Details | |
| 1070310076 | CVE-2019-0537: Microsoft Visual Studio Information Disclosure Vulnerability | Click for Details | |
| 1070310086 | CVE-2016-3247: Microsoft Internet Explorer and Edge Remote Memory Corruption Vulnerability | Click for Details | |
| 1070310097 | CVE-2016-7194: Microsoft Edge Chakra Templatedforeachiteminrange Type Confusion Vulnerability | Click for Details | |
| 1070310098 | CVE-2016-7195: Microsoft Browser Memory Corruption Vulnerability | Click for Details | |
| 1070310099 | CVE-2016-7200: Microsoft Edge Scripting Engine Remote Memory Corruption Vulnerability | Click for Details | |
| 1070310100 | CVE-2016-7201: Microsoft Edge Chakra Array.shift Type Confusion Vulnerability | Click for Details | |
| 1070310101 | CVE-2016-7202: Microsoft Edge Array.reverse Overflow Vulnerability | Click for Details | ... |