Hillstone Networks Addresses Critical RCE Vulnerability in WAF (CVE-2024-8073, CVSS 9.8)
Hillstone Networks, a global leader in network security solutions, has released a security advisory addressing a critical vulnerability (CVE-2024-8073) in its Web Application Firewall (WAF) product. This vulnerability, rated with a CVSS score of 9.8, allows remote attackers to execute arbitrary code on affected systems, potentially leading to full system compromise.
Hillstone Networks’ WAF is renowned for its robust protection of web applications and APIs, employing a blend of traditional rule-based detection, semantic analysis, and machine learning to achieve high accuracy and reduce false positives. However, the discovery of this vulnerability reveals a significant gap in its defenses. The flaw exists in versions 5.5R6-2.6.7 through 5.5R6-2.8.13 of the WAF software.
The crux of CVE-2024-8073 lies in the WAF’s verification code page, where improper input validation allows an attacker to craft specially designed requests. By exploiting this weakness, malicious actors can concatenate commands and execute arbitrary code, potentially seizing control of the server hosting the WAF. The implications of such an attack are grave, with the potential to compromise not only the WAF but also the web applications and APIs it is meant to protect.
Given the critical nature of this vulnerability and the WAF’s essential role in protecting web applications, Hillstone Networks strongly urges all users to upgrade to version 5.5R6-2.8.14 immediately. This updated version includes a patch that addresses the identified vulnerability and mitigates the associated risks.
Organizations utilizing Hillstone WAF are advised to implement the following actions:
- Apply the patch as soon as possible: Upgrading to the patched version is paramount to protect against potential exploitation.
- Monitor system logs for any suspicious activity: Regularly review system logs and network traffic for any signs of compromise.
- Consider additional security measures: Deploying additional layers of security, such as intrusion detection systems (IDS) and web application security scanners, can further enhance protection.
