New WAF Objects: [total: 9]
==================================

Signature:
  ID: '708396'
  Name: 'CVE-2025-49533: Adobe Experience Manager - Insecure Deserialization'
  Attack: Remote Command Execution - Blocking
  Attack Class: Remote Command Execution
  Dictionary: Recommended for Blocking for Web Applications
  Pattern: part="/FormServer/servlet/GetDocumentServlet", part="serDoc=<@urlencode>"
  Policy: Recommended Signatures Policy for Web Applications
  Search In:
  - url-and-parameters

Policy:
  name: 'CVE-2025-54418: CodeIgniter 4 - Command Injection'
  id: '20000309'
  minimum version: '10.0'
  predicates:
  - type: HTTP Request Method
    operation: At Least One
    values:
    - POST
  - type: HTTP Request
    operation: Match All
    match values:
    - part: parameter
      name: filename
      operation: MatchRegExp
      value: (\.jpg|\.png|\.webp|\.gif|\.bmp|\.svg)[\s\S]{0,50}[';&|$\(`>]{1,}
    - part: header
      name: Content-Type
      operation: includes
      value: multipart/form-data

Signature:
  ID: '708395'
  Name: 'CVE-2025-54253: Unauthenticated RCE via Struts2 DevMode in AEM Forms (SL-AEM-FORMS-2)'
  Attack: Remote Command Execution - Blocking
  Attack Class: Remote Command Execution
  Dictionary: Recommended for Blocking for Web Applications
  Pattern: part="adminui/updateLicense1.do;login.", part="command", rgxp="expression"
  Policy: Recommended Signatures Policy for Web Applications
  Search In:
  - url-and-parameters

Signature:
  ID: '708394'
  Name: RFI/RCE via https://paste.ee
  Attack: Illegal Resource Access - Blocking
  Attack Class: Illegal Resource Access
  Dictionary: Recommended for Blocking for Web Applications
  Pattern: part="paste.ee/", rgxp="https?:\/\/paste\.ee\/\w\/\w{1,20}"
  Policy: Recommended Signatures Policy for Web Applications
  Search In:
  - parameters
  - headers

Signature:
  ID: '708393'
  Name: 'CVE-2025-34509 (WT-2025-0024): Sitecore XP CMS - Authentication Bypass'
  Attack: Authentication Bypass - Blocking
  Attack Class: Authentication Bypass
  Dictionary: Recommended for Blocking for Web Applications
  Pattern: part="/sitecore/admin", part="Password=b"
  Policy: Recommended Signatures Policy for Web Applications
  Search In:
  - url-and-parameters

Signature:
  ID: '708392'
  Name: 'CVE-2025-40596: SonicWall SMA100 SSLVPN- Stack-based buffer overflow'
  Attack: Protocol Manipulation - Blocking
  Attack Class: Protocol Manipulation
  Dictionary: Recommended for Blocking for Web Applications
  Pattern: part="/__api__/", rgxp="__api__\/v[\w]{1,3}\/.{200,}"
  Policy: Recommended Signatures Policy for Web Applications
  Search In:
  - url

Signature:
  ID: '708391'
  Name: CVE-2025-32756 - Multiple Fortinet Products - Unauthenticated RCE
  Attack: Illegal Resource Access - Blocking
  Attack Class: Illegal Resource Access
  Dictionary: Recommended for Blocking for Web Applications
  Pattern: part="/remote/hostcheck_validate", rgxp="enc\=\w{64,}"
  Policy: Recommended Signatures Policy for Web Applications
  Search In:
  - url-and-parameters

Signature:
  ID: '708390'
  Name: 'CVE-2025-40598: SonicWall SMA100 SSLVPN - Reflected XSS'
  Attack: Cross-Site Scripting - Blocking
  Attack Class: Cross-Site Scripting
  Dictionary: Recommended for Blocking for Web Applications
  Pattern: part="/cgi-bin/radiusChallengeLogin", part="portalName", part="status", part="state", rgxp="[\<\>\"\`\'\/\=]{2,}"
  Policy: Recommended Signatures Policy for Web Applications
  Search In:
  - url-and-parameters

Signature:
  ID: '708389'
  Name: 'CVE-2025-5394: WordPress Alone Theme - Unrestricted File Upload'
  Attack: Illegal Resource Access - Blocking
  Attack Class: Illegal Resource Access
  Dictionary: Recommended for Blocking for Web Applications
  Pattern: part="/wp-admin/admin-ajax.php", rgxp="action\=\s?alone_import_pack_install_plugin"
  Policy: Recommended Signatures Policy for Web Applications
  Search In:
  - url-and-parameters