Claroty, a cybersecurity company specialising in industrial and Internet of Things security, has disclosed a generic technique for bypassing the web application firewalls (WAFs) of several major vendors. Its research found that JSON syntax, which the affected WAFs did not recognise, can be embedded in SQL injection payloads to slip past them.
Claroty's researchers identified the technique while reviewing the wireless device management platform from Cambium Networks, where they found a SQL injection flaw that could allow unauthorised access to private data such as session cookies, tokens, SSH keys and password hashes.
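To make the bypass concrete, the following is an added example written for this page; it is not code from the article, from Claroty's research, or from the Cambium Networks product. It builds a toy signature-based "WAF" that knows nothing about JSON, a deliberately vulnerable SQLite query that concatenates user input, and a hardened version using a bound parameter. The signatures, table, rows and payloads are all constructed for the illustration; the JSON payload uses SQLite's json_extract() to express the same always-true condition as a classic `OR 1=1`, and equivalents exist for the JSON functions of PostgreSQL, MySQL and MSSQL.

```python
"""Added example (not from the article or from Claroty's research): why a
pattern-matching WAF that does not understand JSON syntax can miss a SQL
injection that routes through the database's JSON functions.  The 'WAF'
rules, schema, rows and payloads are all constructed for this illustration."""
import re
import sqlite3

# Constructed, deliberately naive signature list of the kind a WAF might
# apply to a request parameter.  It has no notion of JSON syntax at all.
WAF_SIGNATURES = [
    re.compile(r"\bor\b\s+\d+\s*=\s*\d+", re.I),          # OR 1=1
    re.compile(r"\bor\b\s+'[^']*'\s*=\s*'[^']*'", re.I),   # OR 'a'='a'
    re.compile(r"\bunion\b\s+(all\s+)?select\b", re.I),    # UNION SELECT
    re.compile(r"\bsleep\s*\(", re.I),                     # time-based probes
]


def waf_blocks(value: str) -> bool:
    """Return True if any signature matches the untrusted input."""
    return any(sig.search(value) for sig in WAF_SIGNATURES)


def make_db() -> sqlite3.Connection:
    """In-memory database with constructed sample rows (not real data)."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE sessions (user TEXT, token TEXT)")
    conn.executemany(
        "INSERT INTO sessions VALUES (?, ?)",
        [("alice", "tok-alice-1"), ("bob", "tok-bob-2"), ("carol", "tok-carol-3")],
    )
    return conn


def lookup_vulnerable(conn: sqlite3.Connection, user: str) -> list:
    """Deliberately vulnerable: the parameter is concatenated into the SQL."""
    sql = f"SELECT user, token FROM sessions WHERE user = '{user}'"
    return conn.execute(sql).fetchall()


def lookup_fixed(conn: sqlite3.Connection, user: str) -> list:
    """Hardened: a bound parameter can never change the query structure."""
    return conn.execute(
        "SELECT user, token FROM sessions WHERE user = ?", (user,)
    ).fetchall()


# Constructed payloads.  The second one expresses the same always-true
# condition through SQLite's json_extract(), which none of the signatures
# above recognise; json_extract('{"a":1}', '$.a') evaluates to the integer 1.
CLASSIC_PAYLOAD = "x' OR 1=1 --"
JSON_PAYLOAD = "x' OR json_extract('{\"a\":1}', '$.a') = 1 --"


def run_scenario(payload: str, handler) -> dict:
    """Feed a payload through the toy WAF and, if it passes, to the handler.

    Returns whether the WAF blocked it and how many session rows leaked.
    """
    if waf_blocks(payload):
        return {"blocked": True, "rows": 0}
    rows = handler(make_db(), payload)
    return {"blocked": False, "rows": len(rows)}


if __name__ == "__main__":
    for name, payload in (("classic", CLASSIC_PAYLOAD), ("json", JSON_PAYLOAD)):
        print(name, "vulnerable:", run_scenario(payload, lookup_vulnerable))
        print(name, "fixed:     ", run_scenario(payload, lookup_fixed))
```

Run stand-alone, the classic payload is stopped at the WAF, while the JSON payload passes the WAF and dumps every session token from the vulnerable handler. Against the parameterised query the same JSON payload returns nothing, which is the practical lesson: a WAF is a compensating control, and the fix for SQL injection is binding parameters in the application, not a longer signature list.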