Abusing JSON-Based SQL to Bypass WAF
Information
| Summary: | Is the WAF feature on the LoadMaster vulnerable to this threat |
| Environment: |
Product: LoadMaster Version: Any Platform: Any Application: |
| Question/Problem Description: |
Vulnerability Question. Articles are coming out that further analysis revealed that the WAF could be bypassed by abusing the JSON data sharing format. JSON syntax is supported by all major SQL engines and it’s enabled by default. |
| Steps to Reproduce: | |
| Error Message: | |
| Defect Number: | LM-1954 |
| Enhancement Number: | |
| Cause: | |
| Resolution: | The LoadMaster is not vulnerable, WAF will block these requests. |
| Workaround: | |
| Notes: |
Link relating to the vulnerability: |
Was this article helpful?
0 out of 0 found this helpful