New WAF Objects: [total: 8]
==================================

Signature:
  ID: '708388'
  Name: 'CVE-2025-34300: Lighthouse Studio - Unauthenticated RCE'
  Attack: Remote Command Execution - Blocking
  Attack Class: Remote Command Execution
  Dictionary: Recommended for Blocking for Web Applications
  Pattern: part="/cgi-bin/ciwweb.pl", part="hid_Random_ACARAT=", rgxp="hid_Random_ACARAT\=\s?\[\%[\s\S]*?\%\]"
  Policy: Recommended Signatures Policy for Web Applications
  Search In:
  - url-and-parameters

Signature:
  Name: 'CVE-2025-54309: CrushFTP Unauthenticated Remote Command Execution injection'
  ID: '708387'
  Attack: Remote Command Execution - Blocking
  Attack Class: Remote Command Execution
  Dictionary: Recommended for Blocking for Web Applications
  Pattern: part="/WebInterface/login/", rgxp="username=[\S\s]{1,32}';"
  Policy: Recommended Signatures Policy for Web Applications
  Search In:
  - url-and-parameters

Signature:
  Name: 'CVE-2025-54309: CrushFTP Unauthenticated Remote Command Execution fileupload'
  ID: '708386'
  Attack: Remote Command Execution - Blocking
  Attack Class: Remote Command Execution
  Dictionary: Recommended for Blocking for Web Applications
  Pattern: part="/WebInterface/function/", part="methodCall/methodName=file.write"
  Policy: Recommended Signatures Policy for Web Applications
  Search In:
  - url-and-parameters

Signature:
  Name: 'CVE-2025-54309: CrushFTP Unauthenticated Remote Command Execution json'
  ID: '708385'
  Attack: Remote Command Execution - Blocking
  Attack Class: Remote Command Execution
  Dictionary: Recommended for Blocking for Web Applications
  Pattern: part="/WebInterface/json/", part="method=system.exec"
  Policy: Recommended Signatures Policy for Web Applications
  Search In:
  - url-and-parameters

Signature:
  Name: 'CVE-2025-54309: CrushFTP Unauthenticated Remote Command Execution'
  ID: '708384'
  Attack: Remote Command Execution - Blocking
  Attack Class: Remote Command Execution
  Dictionary: Recommended for Blocking for Web Applications
  Pattern: part="/WebInterface/function/", part="methodCall/methodName=system.exec"
  Policy: Recommended Signatures Policy for Web Applications
  Search In:
  - url-and-parameters

Signature:
  Name: 'CVE-2025-52488: DNN file upload '
  ID: '708383'
  Attack: Data Leakage - Blocking
  Attack Class: Data Leakage
  Dictionary: Recommended for Blocking for Web Applications
  Pattern: part="/Providers/HtmlEditorProviders/DNNConnect.CKE/Browser/FileUploader.ashx", part="PortalID", part="storageFolderID"
  Policy: Recommended Signatures Policy for Web Applications
  Search In:
  - url-and-parameters

Signature:
  Name: 'CVE-2025-49127: Remote Code Execution by JMX in Metrices Configuration'
  ID: '708382'
  Attack: Remote Command Execution - Blocking
  Attack Class: Remote Command Execution
  Dictionary: Recommended for Blocking for Web Applications
  Pattern: part="/api/config", part="config.properties.auth.type=DISABLED", part="config.properties.kafka.clusters.metrics.type=JMX"
  Policy: Recommended Signatures Policy for Web Applications
  Search In:
  - url-and-parameters

Signature:
  Name: XSS bypass using JS concatenation
  ID: '708381'
  Attack: Cross-Site Scripting - Blocking
  Attack Class: Cross-Site Scripting
  Dictionary: Recommended for Blocking for Web Applications
  Pattern: part="function", rgxp="\;\}function\s?\(\s?[\"\']\w{1,5}[\"\']\s?\+[^\;]{1,50}\)\(\)\;\s?function(\s|\+)\w{1,10}\(\)\{\/\/"
  Policy: Recommended Signatures Policy for Web Applications
  Search In:
  - parameters
  - headers