2 years ago
Updates from Wallarm’s detection team (October 2021)
We are happy to share recent work on the quality of attack and vulnerability detection!
We have added the support for new attack type detection: SSTI, SSI and Email Injection.
The rule set for detection of other attack types (SQLi, XSS, Path Traversal, Scanner, RCE) is now wider and more accurate.
We have also added the rules for Wallarm Scanner to detect new vulnerabilities in applications:
- Remote Code Execution in Confluence Server and Data Center — CVE‑2021‑26084
- Path Traversal and Remote Code Execution in Apache HTTP Server 2.4.49 — CVE‑2021‑41773
- Remote Code Execution in Microsoft Exchange Server — CVE‑2021‑26855
- Remote Code Execution in Apache Druid Embedded — CVE‑2021‑25646
- Remote Code Execution in Laravel Debug Mode — CVE‑2021‑3129
- Directory Traversal in ffay lanproxy 0.1 — CVE‑2021‑3019
- NoSQL injection in Agentejo Cockpit before 0.11.2 via the Controller/Auth.php resetpassword function — CVE‑2020‑35847
The changes are already supported by the Wallarm components. Additional product configuration to apply the changes is not required.