WAF Rules v.3.20 Released

Jul 10, 2020 10:19:24 AM

Inessa Atmachian

Inessa Atmachian, Technical Writer at CloudLinux. Crafting comprehensive product documentation and keeping users informed with release notes and updates.

WAF Rules v.3.20 Released

WAF-major-release1

We are pleased to announce that new updated WAF rulesets version 3.20 were released to production.

New protection rules:

Shell Upload in Joomla 3.x
SQLi in JM Car Classifieds CarAgent Templates Joomla Plugin
Joomla Com_Fabrik Vulnerabilities
GPON Routers - Authentication Bypass / Command Injection
XSS in PW WooCommerce Bulk Edit

Improved rules protecting against:

Joomla Com_Fabrik 3.9 controller File Upload Vulnerability
Joomla Codextrous B2jcontact 2.1.17 File Upload Vulnerability (CVE-2017-5214)
jQuery-File-Upload - Arbitrary File Upload (CVE-2018-9206)
SQL injection in wpDiscuz plugin before 5.3.6 (CVE-2020-13640)
System Command Injection
Directory Traversal
URI containing malicious URLs

WAF Rules v.3.20 Released

Jul 10, 2020 10:19:24 AM

Inessa Atmachian

WAF-major-release1

We are pleased to announce that new updated WAF rulesets version 3.20 were released to production.

New protection rules:

Shell Upload in Joomla 3.x
SQLi in JM Car Classifieds CarAgent Templates Joomla Plugin
Joomla Com_Fabrik Vulnerabilities
GPON Routers - Authentication Bypass / Command Injection
XSS in PW WooCommerce Bulk Edit

Improved rules protecting against:

Joomla Com_Fabrik 3.9 controller File Upload Vulnerability
Joomla Codextrous B2jcontact 2.1.17 File Upload Vulnerability (CVE-2017-5214)
jQuery-File-Upload - Arbitrary File Upload (CVE-2018-9206)
SQL injection in wpDiscuz plugin before 5.3.6 (CVE-2020-13640)
System Command Injection
Directory Traversal
URI containing malicious URLs