WAF Rule Set Update Announcement
| Name | waf.sig | ||
| Version | 1.2.32 | ||
| StoneOS Version | 5.5R2-W-1.1 or above, BDS 5.5R8-3.4 or above | ||
| Release Date | 2025-6-18 | New Rules (18) |
Rule ID | Rule Name | Rule Details |
| 1070210485 | CVE-2025-32966,CVE-2025-49002:Dataease H2 Database JDBC Remote Code Execution Vulnerability | Click for Details | |
| 1070210486 | Sunlogin Remote Command Execution Vulnerability | Click for Details | |
| 1070210487 | CVE-2020-14179:Atlassian Jira Server Information Disclosure Vulnerability | Click for Details | |
| 1070210488 | CVE-2020-25540:ThinkAdmin Arbitrarily File Read Vulnerability | Click for Details | |
| 1070210489 | CVE-2020-36289:Jira Server and Data Center Information Disclosure Vulnerability | Click for Details | |
| 1070210490 | CVE-2022-1162:GitLab CE/EE Hard Coded vulnerability | Click for Details | |
| 1070210491 | CVE-2022-23277:Microsoft Exchange Server Command Execution Vulnerability (CVE-2021-42321) | Click for Details | |
| 1070210492 | CVE-2022-41040:Microsoft Exchange Server Elevation of Privilege Vulnerability | Click for Details | |
| 1070210493 | Sunlogin Unauthorized Access Session Vulnerability | Click for Details | |
| 1070310234 | CVE-2022-42889: Apache Commons Text Remote Code Execution Vulnerability | Click for Details | |
| 1070310235 | CVE-2021-44228: Apache Log4j2 Remote Code Execution Vulnerability - Bypass Format | Click for Details | |
| 1020310005 | XPath special symbol detected-2 | Click for Details | |
| 1020310006 | XPath OR symbal -3 | Click for Details | |
| 1020810045 | PHP Code Injection Attack | Click for Details | |
| 1020810046 | Suspicious template injection format detection - 1 | Click for Details | |
| 1020810047 | Suspicious template injection format detection - 2 | Click for Details | |
| 1020710015 | Detectd attempts to include sensitive files of weaver | Click for Details | |
| 1020410038 | Windows Batch Script Command Execution - Extract Substrings from Variable | Click for Details | Updated Rules (3) |
Rule ID | Description | Ruel Details |
| 1070310151 | CVE-2021-44228: Apache Log4j2 Remote Code Execution Vulnerability | Click for Details | |
| 1070310152 | CVE-2021-44228: Apache Log4j2 Remote Code Execution Vulnerability - lower/upper/date Bypass | Click for Details | |
| 1020310002 | XPath special symbol detected -1 | Click for Details | |