Friday, December 16, 2022

Researcher Bypasses Akamai WAF



Akamai’s web application firewall (WAF) is meant to fend off potential attacks like distributed denial-of-service (DDoS), but a researcher found a way to bypass its protections by using advanced payloads to confuse its rules.

The researcher, known as Peter H., along with Usman Mansha, said Akamai has since patched against the vulnerability, which was not assigned a CVE number. In the write-up, Peter H. explained how he used a vulnerable version of Spring Boot to bypass WAF protections.

“We ended up being able to bypass Akamai WAF and achieve Remote Code Execution (P1) using Spring Expression Language injection on an application running Spring Boot,” the GitHub explanation of the Akamai WAF RCE find explained. “This was the 2nd RCE via SSTI we found on this program, after the first one, the program implemented a WAF which we were able to bypass in a different part of the application.”
