New WAF Objects: [total: 7] ================================== Signature: ID: '708366' Name: OOB attack using .interactsh.patrowl-scan.com Pattern: part=".interactsh.patrowl-scan.com" Attack: Automation Attack - Blocking Attack Class: Automation Attack Dictionary: Recommended for Blocking for Web Applications Policy: Recommended Signatures Policy for Web Applications Search In: - parameters - headers Signature: ID: '708365' Name: OOB attack using .ish-asi.securitytrails.com Pattern: part=".ish-asi.securitytrails.com" Attack: Automation Attack - Blocking Attack Class: Automation Attack Dictionary: Recommended for Blocking for Web Applications Policy: Recommended Signatures Policy for Web Applications Search In: - parameters - headers Signature: ID: '708364' Name: OOB attack using .sh.prod.netspi.ai Pattern: part=".sh.prod.netspi.ai" Attack: Automation Attack - Blocking Attack Class: Automation Attack Dictionary: Recommended for Blocking for Web Applications Policy: Recommended Signatures Policy for Web Applications Search In: - parameters - headers Signature: Name: OOB attack using .eoob.site ID: '708363' Pattern: part=".eoob.site" Attack: Automation Attack - Blocking Attack Class: Automation Attack Dictionary: Recommended for Blocking for Web Applications Policy: Recommended Signatures Policy for Web Applications Search In: - parameters - headers Policy: name: 'CVE-2025-20188: Cisco IOS XE WLC Arbitrary File Upload Vulnerability' id: '20000304' minimum version: '10.0' predicates: - type: HTTP Request operation: Match All match values: - part: url operation: includes value: /ap_spec_rec/upload - type: HTTP Request Method operation: At Least One values: - POST - type: HTTP Request operation: Match Any match values: - part: header name: Set-Cookie operation: includes value: |- jwt=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJyZXFpZCI6ImNkYl90b2tlbl9yZXF1ZXN0X2lkMSIsImV4cCI6MTc3OTMyNDg2MH0.98CM4z-9JYebBFQ0sQdXpW8Il1SmFaKSxlvqXAV7Iz0 - part: header name: Authorization operation: includes value: |- jwt=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJyZXFpZCI6ImNkYl90b2tlbl9yZXF1ZXN0X2lkMSIsImV4cCI6MTc3OTMyNDg2MH0.98CM4z-9JYebBFQ0sQdXpW8Il1SmFaKSxlvqXAV7Iz0 Policy: name: 'CVE-2025-48703: CentOS Web Panel - Unauthenticated RCE' id: '20000305' minimum version: '10.0' predicates: - type: HTTP Request Method operation: At Least One values: - POST - type: HTTP Request operation: Match All match values: - part: parameter name: t_total operation: DoesNotMatchRegExp value: '[ugoa]*[+-=][rwxXst]*' - part: parameter name: t_total operation: DoesNotMatchRegExp value: \d{3}\d? - part: parameter name: module operation: includes value: filemanager - part: url operation: includes value: /myuser/index.php - part: parameter name: acc operation: includes value: changePerm Signature: Name: 'CVE-2025-48703: CentOS Web Panel - Unauthenticated Privilege Escalation and RCE' ID: '708367' Attack: Remote Command Execution - Blocking Attack Class: Remote Command Execution Dictionary: Recommended for Blocking for Web Applications Pattern: part="/myuser/index.php", part="module=filemanager", part="acc=changePerm", part="t_total=" Policy: Recommended Signatures Policy for Web Applications Search In: - url-and-parameters