Hillstone WAF Vulnerability Let Attackers Execute Command Injection Attacks

The Hillstone WAF is designed to provide enterprise-class security for web servers, applications, and APIs from various cyber threats.

It uses both traditional rules-based detection and innovative semantic analysis in a dual-engine approach to increase accuracy and decrease false positives.

Besides this, the Hillstone WAF applies machine learning to optimize its adaptive security policy to provide strong protection against known as well as unknown threats.

Recently, Hillstone experts discovered a Hillstone WAF vulnerability that enables threat actors to execute command injection attacks.

Hillstone WAF Vulnerability

Hillstone Networks’ Web Application Firewall (WAF) product has a critical command injection vulnerability. 

When this security hole is exploited successfully, it enables attackers to execute arbitrary commands on the underlying system, compromising both the integrity and the security of the protected web applications.

Since its disclosure on August 19, 2024, the flaw has caused considerable concern among cybersecurity experts and users of Hillstone WAF.

Sangfor Web Application Firewall (WAF), which is a leading-edge internet security product, incorporates smart analysis and semantic analysis technology to offer full coverage through web asset discovery, vulnerability assessment, traffic monitoring, and threat location services.

The WAF's verification code page, however, has been found to contain a critical command injection vulnerability that is rated high-risk because the page is externally exposed.

Attackers can exploit this flaw by constructing specially crafted requests that splice commands into the request, allowing them to execute arbitrary code and potentially compromise the server.

The vulnerability affects WAF versions 5.5R6-2.6.7 through 5.5R6-2.8.13, with version 5.5R6-2.8.14 released as a security patch. To mitigate this threat, users must upgrade to the fixed version immediately. 
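For teams that need to check an appliance inventory against the version range stated above, the following is an added example (not code from the article or from Hillstone) that parses Hillstone WAF version strings of the form shown here (5.5R6-2.8.13), decides whether a version falls inside the affected range 5.5R6-2.6.7 through 5.5R6-2.8.13, and classifies versions at or above the 5.5R6-2.8.14 fix as patched. The sample inventory is constructed for illustration; anything outside the published range is flagged for a manual check rather than assumed safe.

```python
import re
from typing import Dict, Tuple

# Version bounds exactly as stated in the advisory summary above.
AFFECTED_MIN = "5.5R6-2.6.7"
AFFECTED_MAX = "5.5R6-2.8.13"
FIXED = "5.5R6-2.8.14"

# Assumed version layout: <major>.<minor>R<release>-<a>.<b>.<c>
_VERSION_RE = re.compile(r"^(\d+)\.(\d+)R(\d+)-(\d+)\.(\d+)\.(\d+)$")


def parse_version(version: str) -> Tuple[int, ...]:
    """Turn '5.5R6-2.8.13' into a comparable tuple (5, 5, 6, 2, 8, 13)."""
    match = _VERSION_RE.match(version.strip())
    if not match:
        raise ValueError(f"unrecognised Hillstone WAF version string: {version!r}")
    return tuple(int(part) for part in match.groups())


def is_affected(version: str) -> bool:
    """True when the version lies inside the published affected range (inclusive)."""
    parsed = parse_version(version)
    return parse_version(AFFECTED_MIN) <= parsed <= parse_version(AFFECTED_MAX)


def classify(version: str) -> str:
    """Map a version to 'affected', 'patched' or 'outside published range'.

    'patched' is only claimed for the same 5.5R6 branch as the fix; a different
    branch is not covered by the advisory text, so it is sent for manual review.
    """
    parsed = parse_version(version)
    fixed = parse_version(FIXED)
    if is_affected(version):
        return "affected"
    if parsed[:3] == fixed[:3] and parsed >= fixed:
        return "patched"
    return "outside published range"


def triage(inventory: Dict[str, str]) -> Dict[str, str]:
    """Classify every host in a {hostname: version} mapping."""
    return {host: classify(version) for host, version in inventory.items()}


# Constructed sample inventory (hostnames and versions are made up).
SAMPLE_INVENTORY = {
    "waf-dmz-01": "5.5R6-2.6.7",    # lower bound of the affected range
    "waf-dmz-02": "5.5R6-2.8.13",   # upper bound of the affected range
    "waf-dmz-03": "5.5R6-2.8.14",   # the fixed build
    "waf-lab-01": "5.5R6-2.6.6",    # below the range: not listed, verify with vendor
    "waf-lab-02": "5.5R7-1.0.0",    # different branch: not covered by the advisory
}

if __name__ == "__main__":
    for host, status in triage(SAMPLE_INVENTORY).items():
        print(f"{host:12s} {SAMPLE_INVENTORY[host]:14s} {status}")
```

Running the block prints one line per host; the two hosts inside the range come back as affected, the 5.5R6-2.8.14 host as patched, and the remaining two as outside the published range. Treat that last class as a prompt to consult the vendor advisory, not as a clean bill of health.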

The vulnerability’s impact extends to the application layer, potentially damaging the WAF’s core function of ensuring 24/7 website security.

Additionally, Hillstone’s Product Security Incident Response Team (PSIRT) can be reached at [email protected] to report security issues or seek further guidance. 

Both Sangfor and Hillstone emphasize responsible disclosure practices and prioritize user security in addressing such critical vulnerabilities, adhering to relevant laws and regulations in their incident response procedures.
