WAF Rule Set Update Announcement
Name | waf.sig | ||
Version | 1.2.0 | ||
StoneOS Version | 5.5R2-W-1.1 or above, BDS 5.5R8-3.4 or above | ||
Release Date | 2023-6-3 | New Rules (44) |
Rule ID | Rule Name | Rule Details |
1090410100 | Suspicious Backdoor Access | Click for Details | |
1020610004 | HTTP Header Injection Attack(CR/LF detected in argument names) | Click for Details | |
1020610005 | HTTP Header Injection Attack via payload (CR/LF and header-name detected) | Click for Details | |
1020610006 | HTTP Header Injection Attack(CR/LF in ARGS GET) | Click for Details | |
1020510002 | Disable Dict Protocol In ARGS for Blocking SSRF Attack | Click for Details | |
1020510003 | Disable Gopher Protocol In ARGS for Blocking SSRF Attack | Click for Details | |
1020510004 | Disable Ldap Protocol In ARGS for Blocking SSRF Attack | Click for Details | |
1020510005 | Use SSRF to Access Cloud Metadata | Click for Details | |
1020510006 | Use SSRF to Access Domain resolved as localhost | Click for Details | |
1020510007 | Suspicious SSRF Port Scan Attack | Click for Details | |
1020510008 | Suspicious SSRF Intranet Scan Attack | Click for Details | |
1020510009 | php include and require file inclusion | Click for Details | |
1020510010 | php data preudo protocol file inclusion | Click for Details | |
1020510011 | php input and filter file inclusion | Click for Details | |
1020710010 | Disable File Protocol In ARGS for Blocking SSRF Attack | Click for Details | |
1020710011 | Use SSRF to Access Local Resource | Click for Details | |
1020710012 | Attempts to include sensitive file | Click for Details | |
1020710013 | Attempts to include PHP file | Click for Details | |
1020410014 | Unix Command Injection-4. | Click for Details | |
1020410015 | Unix Command Injection-5. | Click for Details | ... | Updated Rules (41) |
Rule ID | Description | Ruel Details |
1020400014 | Unix Shell Code. | Click for Details | |
1020400015 | Remote Command Execution: Shellshock-1. | Click for Details | |
1020400016 | Remote Command Execution: Shellshock-2. | Click for Details | |
1020400017 | Restricted File Upload Attempt. | Click for Details | |
1070110071 | CVE-2022-22978: Spring Security Authentication Bypass Vulnerability | Click for Details | |
1070310170 | CVE-2022-30778,CVE-2022-30779,CVE-2022-31279: Laravel Deserialization Remote Code Execution | Click for Details | |
1020510001 | Non HTTP Protocols Disabled In ARGS for Blocking SSRF Attack | Click for Details | |
1020710000 | Detect attempts to include .svn or .git | Click for Details | |
1020710001 | Detect attempts to include /etc/passwd | Click for Details | |
1020710002 | Detect attempts to include Boot.ini | Click for Details | |
1020710003 | Detect attempts to include .htaccess | Click for Details | |
1020710004 | Detect attempts to include .htpasswd | Click for Details | |
1020710005 | Detect attempts to include .htgroup | Click for Details | |
1020710006 | Detect attempts to include Httpd.conf | Click for Details | |
1020710007 | Detect attempts to include Global.asa | Click for Details | |
1020710008 | Detect attempts to include .wwwacl or .www_acl | Click for Details | |
1020710009 | Detect attempts to include Robot.txt | Click for Details | |
1000010051 | Sensitive Information or Files Access | Click for Details | |
1060110003 | Detected web security scanner:Xray | Click for Details | |
1060110005 | Detecting burpsuite scanning features | Click for Details | ... |