4.Lock AbstractDigital Esm W900

Researchers at industrial and IoT cybersecurity firm Claroty have identified a generic method for bypassing the web application firewalls (WAFs) of several major vendors.

Claroty’s researchers discovered the method following an analysis of Cambium Networks’ wireless device management platform. They discovered a SQL injection vulnerability that could be used to obtain sensitive information, such as session cookies, tokens, SSH keys and password hashes.

Exploitation of the flaw worked against the on-premises version, but an attempt to exploit it against the cloud version was blocked by the Amazon Web Services (AWS) WAF, which flagged the SQL injection payload as malicious.

Further analysis revealed that the WAF could be bypassed by abusing the JSON data sharing format. JSON syntax is supported by all major SQL engines and it’s enabled by default.