WAF Rule Set Update Announcement
| Name | waf.sig | ||
| Version | 1.2.21 | ||
| StoneOS Version | 5.5R2-W-1.1 or above, BDS 5.5R8-3.4 or above | ||
| Release Date | 2025-1-7 | New Rules (12) |
Rule ID | Rule Name | Rule Details |
| 1070210342 | Weaver Ecology BlogService Interface SQL Injection Vulnerability | Click for Details | |
| 1070210343 | H3C iMC autoDeploy.xhtml Remote Code Execution Vulnerability | Click for Details | |
| 1070210344 | CVE-2024-38856:Apache OFBiz Remote Code Execution Vulnerability | Click for Details | |
| 1070210345 | Weaver E-cology V9 uploaderOperate.jsp Arbitrary File Upload Vulnerability | Click for Details | |
| 1070210346 | Weaver e-office officeserver.php Arbitrary File Read Vulnerability | Click for Details | |
| 1070210347 | Weaver OA weaver.common.Ctrl Arbitrary File Upload Vulnerability | Click for Details | |
| 1070210348 | Weaver E-Cology KtreeUploadAction Arbitrary File Upload Vulnerability | Click for Details | |
| 1070210349 | Weaver e-cology DBconfigReader Infomation Leakage Vulnerability | Click for Details | |
| 1070210350 | Weaver e-cology ofsLogin.jsp Arbitrary User Login Vulnerability | Click for Details | |
| 1060310001 | Directory Traversal Attack(/../and other encoding forms) In Request Body | Click for Details | |
| 1060110031 | Detect Scan Attempts from Suspected Web Scanners | Click for Details | |
| 1060110032 | Detect User-Agent that May Act as Web Scanners | Click for Details | Updated Rules (3) |
Rule ID | Description | Ruel Details |
| 1060300000 | Directory Traversal Attack(/../and other encoding forms) | Click for Details | |
| 1070210338 | CVE-2019-2618:Oracle WebLogic Server DeploymentServiceServlet Arbitrary File Upload Vulnerability | Click for Details | |
| 1070210341 | CVE-2024-8190:Ivanti Cloud Services Appliance Command Injection Vulnerability | Click for Details | |