New WAF Objects: [total: 6] ================================== Signature: ID: '708404' Name: HTTP Request Smuggling with Post - Detection Attack: Illegal Resource Access - Detection Attack Class: Illegal Resource Access Dictionary: Recommended for Detection for Web Applications Pattern: part="POST", rgxp="(?s)\A[\s\S]{0,30}\bPOST\s.{1,100}HTTP\/1\.\d" Policy: Recommended Signatures Policy for Web Applications Search In: - request-body Policy: name: 'Get/Head request Expect Header and Content Length' id: '20000310' minimum version: '10.0' predicates: - type: HTTP Request Method operation: At Least One values: - HEAD - GET - type: HTTP Request operation: Match All match values: - part: header name: Content-Length operation: MatchRegExp value: . - part: header name: Expect operation: includes value: 100-continue Signature: ID: '708403' Name: Content-Type Multi part violation - double boundary Attack: Illegal Resource Access - Blocking Attack Class: Illegal Resource Access Dictionary: Recommended for Blocking for Web Applications Pattern: part="multipart/form-data", part="boundary", rgxp="boundary=[A-Za-z0-9]{5,50};boundary" Policy: Recommended Signatures Policy for Web Applications Search In: - headers Signature: ID: '708402' Name: OS command on php file - ifconfig Attack: Remote Command Execution - Blocking Attack Class: Remote Command Execution Dictionary: Recommended for Blocking for Web Applications Pattern: part=".php", part="ifconfig", rgxp="^[\s\S]{1,50}[|;&][|&]?\s?ifconfig\b\s?(-|$)" Policy: Recommended Signatures Policy for Web Applications Search In: - url-and-parameters Signature: ID: '708397' Name: 'CVE-2025-31644: BIG-IP - Authenticated RCE' Attack: Remote Command Execution - Blocking Attack Class: Remote Command Execution Dictionary: Recommended for Blocking for Web Applications Pattern: part="/mgmt/tm/sys/config", rgxp="file[\s\S]{0,50}`" Policy: Recommended Signatures Policy for Web Applications Search In: - url-and-parameters Signature: ID: '708398' Name: XStream Java library - SSRF During Unmarshalling Attack: Illegal Resource Access - Blocking Attack Class: Illegal Resource Access Dictionary: Recommended for Blocking for Web Applications Pattern: part="=javax.activation.URLDataSource", rgxp="\=(http|https|ftp|ftps|file):\/\/" Policy: Recommended Signatures Policy for Web Applications Search In: - parameters