Connect with us

Hi, what are you looking for?

Hard News Hard Hitting News Source Global Political News

Cyber Security

JSON syntax hack allowed SQL injection payloads to be smuggled past WAFs

Security researchers have developed a technique that prevents web application firewalls (WAFs) from detecting SQL injection attacks.

Several leading vendors’ WAFs failed to support JSON syntax in their SQL injection inspection process, allowing security researchers from Claroty’s Team82 to “prepend JSON syntax to a SQL statement that blinded a WAF to the malicious code”.

The hack worked against WAFs from five leading vendors: Palo Alto Networks, Amazon Web Services, Cloudflare, F5, and Imperva.

All five have updated their products to support JSON syntax in their SQL injection inspection process, clearing the way for Claroty to publish a technical blog post detailing its research.

Prior to recent security updates, attackers using the JSON-based hack would have been able to bypass the WAF’s protection in attempts to exfiltrate data or mount other potential attacks.

“Major WAF vendors lacked JSON support in their products, despite it being supported by most database engines for a decade,” Claroty notes.

“We believe that other vendors’ products may be affected, and that reviews for JSON support should be carried out.”

JSON is a standard file and data exchange format, often used to exchange data between a server and a web application.

The generic WAF bypass was covered by Team82 during the course of unrelated research (specifically into Cambium Networks’ wireless device management platform) that was being thwarted by a web application firewall.

IoT and OT processes that are monitored and managed from the cloud are most at risk from the issue, according to Claroty. “Organizations should ensure they’re running updated versions of security tools in order to block these bypass attempts,” it advised.

The Daily Swig asked Claroty to clarify what classes of security tools might be vulnerable to this kind of exploit, among other questions. No word back as yet but we’ll update this story as and when more information comes to hand.

Copyright 2021 Associated Press. All rights reserved.

Source: https://portswigger.net/daily-swig/json-syntax-hack-allowed-sql-injection-payloads-to-be-smuggled-past-wafs

Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *

You May Also Like

Cyber Security

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has given federal agencies three weeks to secure Adobe ColdFusion servers on their networks against two...

Cyber Security

Businesses and developers are focusing more on the security of applications in their digital environment as cyber threats and data breaches continue escalating. The...

Cyber Security

HCL BigFix is an endpoint management platform that has the capability to automate discovery, management, and remediation. It can find and fix vulnerabilities on...

Cyber Security

The Environmental Protection Agency cited a lack of resources and the sheer volume of critical vulnerabilities as the reasons for its inability to patch...

Copyright © 2023 Hard News Herd Hitting in Your Face News Source | World News | Breaking News | US News | Political News Website by Top Search SEO