acm-header
Sign In

Communications of the ACM

Home/News/New Attack Method to Bypass Popular Web Application.../Full Text
ACM TechNews

New Attack Method to Bypass Popular Web Application Firewalls

By The Hacker News
December 15, 2022
Comments
View as: Print Mobile App Share:
A vault being opened.

Said Claroty researcher Noam Moshe, "Attackers using this novel technique could access a backend database and use additional vulnerabilities and exploits to exfiltrate information via either direct access to the server or over the cloud."

Credit: hakin9.org

Researchers at industrial cybersecurity platform Claroty have devised a method that could be used by attackers to access sensitive business and customer information by bypassing web application firewalls (WAFs) to infiltrate systems.

The technique was used successfully against the WAFs of Amazon Web Services, Cloudflare, F5, Imperva, and Palo Alto Networks, among other vendors.

Claroty's Noam Moshe said the method "involves appending JSON syntax to SQL injection payloads that a WAF is unable to parse. Most WAFs will easily detect SQLi attacks, but prepending JSON to SQL syntax left the WAF blind to these attacks."

Vendors have responded with updates to support JSON syntax during SQL injection inspection.

Moshe added, "This is a dangerous bypass, especially as more organizations continue to migrate more business and functionality to the cloud."

From The Hacker News
View Full Article

 

Abstracts Copyright © 2022 SmithBucklin, Washington, DC, USA

 

No entries found

Sign In for Full Access
» Forgot Password? » Create an ACM Web Account