waf

Crashing the Shield: The One-Line Script Taking Down ModSecurity v3 WAFs

• Vulnerability Report

Crashing the Shield: The One-Line Script Taking Down ModSecurity v3 WAFs

Do Son May 1, 2026 0

Security researchers have identified two significant vulnerabilities in libmodsecurity3, the core library of the ModSecurity v3 project....

Read More Read more about Crashing the Shield: The One-Line Script Taking Down ModSecurity v3 WAFs

CISA KEV Alert: FortiWeb RCE Flaw (CVE-2025-58034) Under Active Exploitation for Command Injection

• Vulnerability Report

CISA KEV Alert: FortiWeb RCE Flaw (CVE-2025-58034) Under Active Exploitation for Command Injection

Do Son November 19, 2025 0

Fortinet has issued an urgent advisory warning customers that a newly disclosed vulnerability in FortiWeb, tracked as...

Read More Read more about CISA KEV Alert: FortiWeb RCE Flaw (CVE-2025-58034) Under Active Exploitation for Command Injection

ZERO-DAY ATTACK WARNING: Fortinet FortiWeb Exploit Grants Unauthenticated Admin Access!

• Vulnerability Report

ZERO-DAY ATTACK WARNING: Fortinet FortiWeb Exploit Grants Unauthenticated Admin Access!

Do Son November 14, 2025 0

Cybersecurity firms are sounding the alarm over a critical vulnerability in Fortinet FortiWeb, the company’s Web Application...

Read More Read more about ZERO-DAY ATTACK WARNING: Fortinet FortiWeb Exploit Grants Unauthenticated Admin Access!

CVE-2025-25257 (CVSS 9.6): Pre-Auth SQLi in Fortinet FortiWeb Opens Door to RCE, PoC Published

• Vulnerability Report

CVE-2025-25257 (CVSS 9.6): Pre-Auth SQLi in Fortinet FortiWeb Opens Door to RCE, PoC Published

Do Son July 14, 2025 2

A critical security flaw in Fortinet’s FortiWeb web application firewall has been publicly weaponized, with proof-of-concept (PoC)...

Read More Read more about CVE-2025-25257 (CVSS 9.6): Pre-Auth SQLi in Fortinet FortiWeb Opens Door to RCE, PoC Published

Fortinet Fixes Critical SQL Injection Flaw in FortiWeb (CVE-2025-25257, CVSS 9.6)

• Vulnerability Report

Fortinet Fixes Critical SQL Injection Flaw in FortiWeb (CVE-2025-25257, CVSS 9.6)

Do Son July 9, 2025 0

Fortinet has released a critical patch to address a serious vulnerability in its FortiWeb product — a...

Read More Read more about Fortinet Fixes Critical SQL Injection Flaw in FortiWeb (CVE-2025-25257, CVSS 9.6)

ModSecurity Alert: New DoS Vulnerability Discovered!

• Vulnerability

ModSecurity Alert: New DoS Vulnerability Discovered!

Do Son June 2, 2025 0

The ModSecurity project has issued a security advisory disclosing a new vulnerability—CVE-2025-48866—in its widely used open-source web...

Read More Read more about ModSecurity Alert: New DoS Vulnerability Discovered!

Radware Cloud WAF Vulnerable to Filter Bypass via Crafted Requests

• Vulnerability

Radware Cloud WAF Vulnerable to Filter Bypass via Crafted Requests

Do Son May 9, 2025 0

A newly disclosed vulnerability note by CERT/CC reveals two security flaws (CVE-2024-56523, CVE-2024-56524) in the Radware Cloud...

Read More Read more about Radware Cloud WAF Vulnerable to Filter Bypass via Crafted Requests

Multi Vulnerabilities Found in SonicWall SMA 100 Series Prompt Urgent Security Update

• Vulnerability

Multi Vulnerabilities Found in SonicWall SMA 100 Series Prompt Urgent Security Update

Do Son May 8, 2025 0

SonicWall has released a security advisory detailing multiple vulnerabilities affecting its Secure Mobile Access (SMA) 100 series...

Read More Read more about Multi Vulnerabilities Found in SonicWall SMA 100 Series Prompt Urgent Security Update