WAF Rule Set Update Announcement
| Name | waf.sig | ||
| Version | 1.1.144 | ||
| StoneOS Version | 5.5R2-W-1.1 or above, BDS 5.5R8-3.4 or above | ||
| Release Date | 2022-7-14 | New Rules (4) |
Rule ID | Rule Name | Rule Details |
| 1070210243 | CVE-2022-2143: Advantech iView NetworkServlet Command Injection Vulnerability | Click for Details | |
| 1070210244 | CVE-2022-26135: Atlassian Jira Server Server Side Request Forgery Vulnerability | Click for Details | |
| 1070210245 | TongDa OA Arbitrary file deletion vulnerability | Click for Details | |
| 1070210246 | Yonyou NC ActionHandlerServlet deserialization vulnerability | Click for Details | Updated Rules (20) |
Rule ID | Description | Ruel Details |
| 1020000005 | Common DB Names | Click for Details | |
| 1020000027 | SQL phrasing union select from | Click for Details | |
| 1020000029 | MongoDB SQL Injection Attack Attempts | Click for Details | |
| 1020000039 | Basic SQL injection Attack Attempts | Click for Details | |
| 1020000040 | SQL statement and function such as dba_users, varchar etc | Click for Details | |
| 1020000041 | SQLI Bypass Attempt By Ticks or Backticks | Click for Details | |
| 1020010009 | NOT BETWEEN 0 | Click for Details | |
| 1020010010 | IS NULL | Click for Details | |
| 1020010011 | LIKE NULL | Click for Details | |
| 1020010012 | Operator IN | Click for Details | |
| 1020010013 | XOR/<>/RLIKE BINARY | Click for Details | |
| 1020010014 | REGEXP BINARY | Click for Details | |
| 1020010023 | root@ | Click for Details | |
| 1020010026 | SQL Authentication Bypass Using Quotes | Click for Details | |
| 1020010028 | SQL Authentication Bypass Using Between Quotes | Click for Details | |
| 1020010029 | Quotation Marks-1 | Click for Details | |
| 1020010030 | Quotation Marks-2 | Click for Details | |
| 1020010031 | Quotation Marks-3 | Click for Details | |
| 1020010032 | Quotation Marks-4 | Click for Details | |
| 1020010034 | SQL Authentication Bypass Using IS 0 | Click for Details | |