New WAF Objects: [total: 5] ================================== Signature: ID: '708347' Name: 'CVE-2025-4428: Ivanti EPMM Unauth RCE Chain' Pattern: part="/mifs/rs/api/v2/", part="format", rgxp="(?i)format=(?!json\b|xml\b|csv\b|xlsx\b)" Attack: Remote Command Execution - Blocking Attack Class: Remote Command Execution Dictionary: Recommended for Blocking for Web Applications Policy: Recommended Signatures Policy for Web Applications Search In: - url-and-parameters Signature: Name: 'Blocking oobpoc.com domain for OOB attacks' ID: '708346' Pattern: 'part="oobpoc.com", rgxp="\\w{1,50}\\.oobpoc\\.com"' Attack: 'Automation Attack - Blocking' Attack Class: 'Automation Attack' Dictionary: 'Recommended for Blocking for Web Applications' Policy: 'Recommended Signatures Policy for Web Applications' Search In: - 'parameters' - 'headers' Signature: ID: '708345' Name: 'CVE-2023-44221: SonicWall SMA Post-Auth Command Injections ' Pattern: part="spog/diagnostics", part="tool=TRACEROUTE6_CMD", rgxp="target=\S{40,}" Attack: Remote Command Execution - Blocking Attack Class: Remote Command Execution Dictionary: Recommended for Blocking for Web Applications Policy: Recommended Signatures Policy for Web Applications Search In: - url-and-parameters Signature: ID: '708344' Name: 'CVE-2024-7399: Samsung MagicINFO 9 Improper limitation of a pathname' Pattern: part="/MagicInfo/servlet/SWUpdateFileUploader", part="fileName=", rgxp="fileName=[\s\S]{0,30}\.\./" Attack: Remote Command Execution - Blocking Attack Class: Remote Command Execution Dictionary: Recommended for Blocking for Web Applications Policy: Recommended Signatures Policy for Web Applications Search In: - url-and-parameters Signature: ID: '708342' Name: 'CVE-2025-3248: Langflow code injection' Pattern: part="api/v1/validate/code", part="code=" Attack: Remote Command Execution - Blocking Attack Class: Remote Command Execution Dictionary: Recommended for Blocking for Web Applications Policy: Recommended Signatures Policy for Web Applications Search In: - url-and-parameters