
XG WAF does not detect SQLi in JSON payload

Hi,

I have hosted a web service protected by the XG 210 WAF feature.

Although the related features are configured correctly, my test shows that simple SQL injection strings in JSON fields pass through without being detected.

Is there any known limitation in the Sophos WAF for processing JSON payloads?

I have attached two screenshots; they show that the SQLi string in the variable fields triggered no detection, but moving it to some other random places in the JSON string causes detection.
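The gap the post describes comes down to whether the WAF's body processor exposes JSON field values to its rules at all. As an added example (not Sophos or ModSecurity code), the Python below parses a JSON body into ARGS-style variables the way a JSON body processor does and runs a deliberately simplified SQLi check over each one; the patterns, the `json.` variable naming and the sample body are assumptions of this example, not the OWASP CRS rules or the post's screenshots.

```python
import json
import re
from typing import Any, Dict, List, Tuple

# Simplified SQLi indicators: an assumption standing in for the far larger
# rule set a real WAF (e.g. ModSecurity with the OWASP CRS) applies.
SQLI_PATTERNS = [
    re.compile(r"(?i)'\s*or\s+['\w]+\s*=\s*['\w]+"),       # ' OR 1=1, ' OR 'a'='a
    re.compile(r"(?i)\bunion\s+(all\s+)?select\b"),        # UNION SELECT
    re.compile(r"(--|#|/\*)"),                             # comment terminators
    re.compile(r"(?i);\s*(drop|delete|insert|update)\b"),  # stacked statements
]

def flatten_json_args(node: Any, prefix: str = "json") -> Dict[str, str]:
    """Emit one ARGS-style variable per scalar value, named by its path
    (json.user.name, json.tags.0, ...). This is the step a WAF's JSON body
    processor performs so rules written against ARGS can see field values."""
    args: Dict[str, str] = {}
    if isinstance(node, dict):
        for key, value in node.items():
            args.update(flatten_json_args(value, f"{prefix}.{key}"))
    elif isinstance(node, list):
        for i, value in enumerate(node):
            args.update(flatten_json_args(value, f"{prefix}.{i}"))
    else:
        args[prefix] = "" if node is None else str(node)
    return args

def scan_body(raw_body: bytes, content_type: str) -> List[Tuple[str, str]]:
    """Return (variable, pattern) for every JSON field value matching an SQLi
    indicator. Non-JSON bodies return []; a real WAF hands those to another
    body processor rather than ignoring them."""
    if not content_type.lower().startswith("application/json"):
        return []
    try:
        doc = json.loads(raw_body.decode("utf-8"))
    except (UnicodeDecodeError, ValueError):
        # Malformed JSON: block or fall back to raw-body inspection; never skip.
        return [("REQUEST_BODY", "malformed-json")]
    hits: List[Tuple[str, str]] = []
    for name, value in flatten_json_args(doc).items():
        for pat in SQLI_PATTERNS:
            if pat.search(value):
                hits.append((name, pat.pattern))
                break
    return hits

# Constructed sample body; not taken from the post's screenshots.
SAMPLE_BODY = b'{"user": {"name": "alice", "query": "x\' OR 1=1 --"}, "tags": ["a", "b"]}'
```

Running `scan_body(SAMPLE_BODY, "application/json")` reports the hit against `json.user.query`, which is exactly the per-field visibility a WAF must have for JSON bodies; if a rule set only ever sees the raw body or the form-encoded ARGS, values inside JSON fields are never matched.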

This thread was automatically locked due to age.
  • Hi,

    Sounds interesting. You should address this with Sophos Support (DEV) to get an answer to this query. As far as I know, this should be considered in the Support. Could be some kind of limitation or could be some kind of exception in the WAF itself (modsecurity).
