<iframe src="https://www.googletagmanager.com/ns.html?id=GTM-5HLVVHN" height="0" width="0" style="display:none;visibility:hidden">

WAF Rules v.3.32 and v.3.33 Released

 

WAF-major-release1

We are pleased to announce that new updated WAF rulesets versions 3.32 to 3.33 have been released to production.

Imunify360 WAF v3.33 (3 September)
  • Added rule id: 77316730 - IM360 WAF: WordPress plugin File Manager < 6.9 -Remote Code Execution
  • Updated rule id: 77233220 - IM360 WAF: XSS vulnerability in Modern Events Calendar Lite plugin 4.2.1 for WordPress
  • Updated rule id: 77211190 - IM360 WAF: Remote File Access Attempt
  • Updated rule id: 77316722 - IM360 WAF: WordPress plugin Autoptimize < 2.7.7 - Authenticated Arbitrary File Upload leading to Remote Code Execution
Imunify360 WAF v3.32 (1 September)
  • Added rule id: 77316723 - IM360 WAF: SQL Injection in Plugin Email Subscribers & Newsletters 4.2.2 for WordPress (CVE-2019-20361)
  • Added rule id: 77316724,77316725 - IM360 WAF: File Upload/RCE in ThinkCMF
  • Added rule id: 77316726 - IM360 WAF: WordPress plugin wpStoreCart - Unauthenticated Arbitrary File Upload leading to Remote Code Execution
  • Added rule id: 77316727 - IM360 WAF: Suspicious file upload detection
  • Added rule id: 77316728 - IM360 WAF: Netgear unauthenticated RCE
  • Added rule id: 77316729 - IM360 WAF: Generic CSRF detection
  • Updated rule id: 77140866 - IM360 WAF: Malicious plugin upload attempt

WAF Rules v.3.32 and v.3.33 Released

 

WAF-major-release1

We are pleased to announce that new updated WAF rulesets versions 3.32 to 3.33 have been released to production.

Imunify360 WAF v3.33 (3 September)
  • Added rule id: 77316730 - IM360 WAF: WordPress plugin File Manager < 6.9 -Remote Code Execution
  • Updated rule id: 77233220 - IM360 WAF: XSS vulnerability in Modern Events Calendar Lite plugin 4.2.1 for WordPress
  • Updated rule id: 77211190 - IM360 WAF: Remote File Access Attempt
  • Updated rule id: 77316722 - IM360 WAF: WordPress plugin Autoptimize < 2.7.7 - Authenticated Arbitrary File Upload leading to Remote Code Execution
Imunify360 WAF v3.32 (1 September)
  • Added rule id: 77316723 - IM360 WAF: SQL Injection in Plugin Email Subscribers & Newsletters 4.2.2 for WordPress (CVE-2019-20361)
  • Added rule id: 77316724,77316725 - IM360 WAF: File Upload/RCE in ThinkCMF
  • Added rule id: 77316726 - IM360 WAF: WordPress plugin wpStoreCart - Unauthenticated Arbitrary File Upload leading to Remote Code Execution
  • Added rule id: 77316727 - IM360 WAF: Suspicious file upload detection
  • Added rule id: 77316728 - IM360 WAF: Netgear unauthenticated RCE
  • Added rule id: 77316729 - IM360 WAF: Generic CSRF detection
  • Updated rule id: 77140866 - IM360 WAF: Malicious plugin upload attempt
Subscribe to Imunify security Newsletter