Multiple Major Vendors’ WAFs Bypassed Using Generic Attack Technique


A general technique for getting around the web application firewalls (WAFs) of several major vendors has been discovered by Claroty, a cybersecurity company for the industrial and Internet of Things.

Following a review of the wireless device management platform from Cambium Networks, Claroty’s researchers discovered the technique. They found a SQL injection flaw that could allow unauthorized access to private data like session cookies, tokens, SSH keys, and password hashes. The vulnerability could be exploited against the on-premises version, but the Amazon Web Services (AWS) WAF blocked any attempts to do so against the cloud version by flagging the SQL injection payload as malicious.

Also Read: Three Effective Methods for Securing IoT Devices Against Cyber-Attacks

Further investigation revealed that the JSON data sharing format could be abused to get around the WAF.

Read More: WAFs of Several Major Vendors Bypassed With Generic Attack Method