We are pleased to announce that a new updated WAF ruleset version 3.39 and version 3.40 have been released to production.
Changelog
WAF v.3.40
- Added rule id: 77316736 - IM360 WAF: Request body parsing error
- Added rule id: 77316737 - IM360 WAF: Request body parsing error block
- Updated rule id: 77140836 - IM360 WAF: RCE vulnerability in Joomla 3.4.6
- Updated rule id: 77244940 - IM360 WAF: SQLi vulnerability in SLiMS 8 Akasia through 8.3.1 (CVE-2017-12585)
WAF v.3.39
- Added rule id: 77316735 - IM360 WAF: WordPress Simple:Press - Broken Access Control
- Updated rule id: 33312 - IM360 WAF: Testing the IM360 ModSecurity ruleset
- Updated rule id: 77218420 - IM360 WAF: PHP Injection Attack: I/O Stream Found
- Updated rule id: 77142246 - IM360 WAF: WordPress Divi Theme - Unauthenticated Arbitrary File Upload leading to Remote Code Execution
- Updated rule id: 77316722 - IM360 WAF: WordPress plugin Autoptimize < 2.7.7 - Authenticated Arbitrary File Upload leading to Remote Code Execution