WAF Rule Set Update Announcement
| Name | waf.sig | ||
| Version | 1.2.27 | ||
| StoneOS Version | 5.5R2-W-1.1 or above, BDS 5.5R8-3.4 or above | ||
| Release Date | 2025-4-11 | New Rules (36) |
Rule ID | Rule Name | Rule Details |
| 1070210468 | CVE-2025-1974,CVE-2025-1098:Kubernetes ingress-nginx Remte Code Execution Vulnerability | Click for Details | |
| 1070210469 | CVE-2025-2825:CrushFTP Authentication Bypass Vulnerability | Click for Details | |
| 1070210470 | CVE-2024-6940:DedeCMS V5.7.114 article_template_rand.php Code Injection Vulnerability | Click for Details | |
| 1070210471 | Yonyou NC smartweb2.RPC.d XXE Vulnerability | Click for Details | |
| 1070310192 | CVE-2023-6570:Kubeflow Server-Side Request Forgery Vulnerability | Click for Details | |
| 1070310193 | CVE-2023-6571:Kubeflow Cross-Site Scripting Vulnerability | Click for Details | |
| 1070310194 | CVE-2024-5552:Kubeflow Regex Denial of Service Vulnerability | Click for Details | |
| 1070310195 | CVE-2024-12450:Ragflow Server-Side Request Forgery Vulnerability | Click for Details | |
| 1070310196 | CVE-2023-34239:Gradio proxy SSRF Vulnerability | Click for Details | |
| 1070310197 | CVE-2023-34239:Gradio Directory Traversal Vulnerability | Click for Details | |
| 1070310198 | CVE-2023-46315:Stable Diffusion Web UI Local File Read Vulnerability | Click for Details | |
| 1070310199 | CVE-2024-0964,CVE-2024-1728:Gradio Directory traversal vulnerability | Click for Details | |
| 1070310200 | CVE-2024-1561:Gradio Path Traversal Vulnerability | Click for Details | |
| 1070310201 | CVE-2024-4941:Gradio Local Files Include Vulnerability | Click for Details | |
| 1070310202 | CVE-2024-28188:Jupyter Server jupyter-scheduler Unauthorized Access Vulnerability | Click for Details | |
| 1070310203 | CVE-2021-43831:Gradio Arbitrary File Read Vulnerability | Click for Details | |
| 1070310204 | CVE-2023-0297:Pyload Code Injection Vulnerability | Click for Details | |
| 1070310205 | CVE-2023-0488:Pyload Cross-Site Scripting Vulnerability | Click for Details | |
| 1070310206 | CVE-2023-6019:Ray Operating System Command Injection Vulnerability | Click for Details | |
| 1070310207 | CVE-2023-6021:Ray Path Traversal Vulnerability | Click for Details | |
| 1070310208 | CVE-2024-1240:Pyload Open Redirect Vulnerability | Click for Details | |
| 1070310209 | CVE-2024-7099,CVE-2024-25722:NetEase QAnything SQL Injection Vulnerability | Click for Details | |
| 1070310210 | CVE-2024-8060:Open WebUI Arbitrary File Upload Vulnerability | Click for Details | |
| 1070310211 | CVE-2024-10131:RAGFlow Command Injection Vulnerability | Click for Details | |
| 1070310212 | CVE-2024-21644:Pyload Configuration Information Leakage Vulnerability | Click for Details | |
| 1070310213 | CVE-2023-6977,CVE-2024-3573:Mlflow Arbitrary File Reading Vulnerability | Click for Details | |
| 1070310214 | CVE-2024-1560:Mlflow Path Traversal Vulnerability | Click for Details | |
| 1070310215 | CVE-2023-6831,CVE-2023-6015:Mlflow Path Traversal Vulnerability | Click for Details | |
| 1070310216 | CVE-2023-43472:Mlflow 2.8.1 Information Disclosure Vulnerability | Click for Details | |
| 1070310217 | CVE-2023-6976:Mlflow Path Traversal Vulnerability | Click for Details | |
| 1070310218 | CVE-2024-1483,CVE-2024-2928,CVE-2024-3848,CVE-2023-6909,CVE-2024-1594:Mlflow Path Traversal Vulnerability | Click for Details | |
| 1070310219 | CVE-2023-2356:Mlflow Path Traversal Vulnerability | Click for Details | |
| 1070310220 | FlowiseAI 2.2.6 Loader Process Abitrary File Upload Vulnerability | Click for Details | |
| 1070310221 | CVE-2025-26319:FlowiseAI 2.2.6 Abitrary File Upload Vulnerability | Click for Details | |
| 1070310222 | CVE-2024-31621:FlowiseAI Authentication Bypass Vulnerability | Click for Details | |
| 1070310223 | CVE-2023-6020:Ray Local File Incluede Vulnerability | Click for Details | |