WAF Rule Set Update Announcement
| Name | waf.sig | ||
| Version | 1.1.157 | ||
| StoneOS Version | 5.5R2-W-1.1 or above, BDS 5.5R8-3.4 or above | ||
| Release Date | 2022-11-14 | New Rules (8) |
Rule ID | Rule Name | Rule Details |
| 1070210270 | Tongda OA File Inclusion Vulnerability | Click for Details | |
| 1070210271 | Kuaipai CMS Information Leakage Vulnerability | Click for Details | |
| 1070210272 | Weaver E-office do_excel.php arbitrary file writing vulnerability | Click for Details | |
| 1070210273 | Weaver E-Cology V8,V9 Remote Command Execution | Click for Details | |
| 1070210274 | Redsea eHR system file upload Vulnerability | Click for Details | |
| 1070210275 | Tongda OA V11.x Remote Code Execution Vulnerability | Click for Details | |
| 1070210276 | Landray OA Arbitrary File Upload Vulnerability | Click for Details | |
| 1090410094 | Godzilla v4.0 C# File upload | Click for Details | Updated Rules (62) |
Rule ID | Description | Ruel Details |
| 1030000031 | Detect XSS Injection with HTML Event 'onfocus' | Click for Details | |
| 1030000034 | Detect XSS Injection with HTML Event 'onerror' | Click for Details | |
| 1030000035 | Detect XSS Injection with lowsrc=javascript | Click for Details | |
| 1030000036 | Detect XSS Injection with JavaScript Function 'activexobject' | Click for Details | |
| 1030000037 | Detect XSS Injection with HTML Event 'onkeypress' | Click for Details | |
| 1030000038 | Detect XSS Injection with HTML Event 'onsubmit' | Click for Details | |
| 1030000039 | Detect XSS Injection with type=application/x-javascript | Click for Details | |
| 1030000040 | Detect XSS Injection with JavaScript Function 'addimport' | Click for Details | |
| 1030000042 | Detect XSS Injection with HTML Event 'onchange' | Click for Details | |
| 1030000043 | Detect XSS Injection with type=text/jscript | Click for Details | |
| 1030000044 | Detect XSS Injection with JavaScript Function 'alert' | Click for Details | |
| 1030000045 | Detect XSS Injection with type=application/x-vbscript | Click for Details | |
| 1030000047 | Detect XSS Injection with src=http | Click for Details | |
| 1030000048 | Detect XSS Injection with type=text/vbscript | Click for Details | |
| 1030000049 | Detect XSS Injection with HTML Event 'onmouseout' | Click for Details | |
| 1030000050 | Detect XSS Injection with lowsrc=shell | Click for Details | |
| 1030000051 | Detect XSS Injection via 'asfunction:' | Click for Details | |
| 1030000052 | Detect XSS Injection with HTML Event 'onmouseover' | Click for Details | |
| 1030000053 | Detect XSS Injection with href=vbscript | Click for Details | |
| 1030000054 | Detect XSS Injection with 'url=javascript:' | Click for Details | ... |