Overview
The Radware Cloud Web Application Firewall is vulnerable to filter bypass by multiple means. The first is via specially crafted HTTP request and the second being insufficient validation of user-supplied input when processing a special character. An attacker with knowledge of these vulnerabilities can perform additional attacks without interference from the firewall.
Description
The Radware Cloud Web Application Firewall can be bypassed by means of a crafted HTTP request. If random data is included in the HTTP request body with a HTTP GET method, WAF protections may be bypassed. It should be noted that this evasion is only possible for those requests that use the HTTP GET method.
Another way the Radware Cloud WAF can be bypassed is if an attacker adds a special character to the request. The firewall fails to filter these requests and allows for various payloads to reach the underlying web application.
Impact
An attacker with knowledge of these vulnerabilities can bypass filtering. This allows malicious inputs to reach the underlying web application.
Solution
The vulnerabilities appear to be fixed, however Radware has not acknowledged the reporter’s findings when they were initially disclosed.
Acknowledgements
Thanks to Oriol Gegundez for reporting this issue. This document was written by Kevin Stephens and Ben Koo.
Other Information
| CVE IDs: |
CVE-2024-56523 CVE-2024-56524 |
| API URL: | VINCE JSON | CSAF |
| Date Public: | 2025-05-07 |
| Date First Published: | |
| Date Last Updated: | 2025-05-07 20:16 UTC |
| Document Revision: | 1 |
Recent Posts
-
VU#722229: Radware Cloud Web Application Firewall Vulnerable to Filter Bypass
-
VU#360686: Digigram PYKO-OUT audio-over-IP (AoIP) does not require a password by default
-
VU#667211: Various GPT services are vulnerable to two systemic jailbreaks, allows for bypass of safety guardrails
-
VU#252619: Multiple deserialization vulnerabilities in PyTorch Lightning 2.4.0 and earlier versions
-
Unplanned outage impacting our off-site backup services
