Alerts
Events
DCR
Explore Cyware Products
Alerts
Events
DCR
Go to listing page
Akamai WAF bypassed via Spring Boot to trigger RCE
Malware and Vulnerabilities
December 16, 2022
The Daily Swig
Security researcher Peter H, aka ‘pmnh’, said the attack used Spring Expression Language (SpEL) injection. The bounty hunter found the bypass with the assistance of Synack pentester Usman Mansha during an engagement with a private Bugcrowd program.
Read More
Akamai WAF
WAF Bypass
Spring Boot
Remote Code Execution (RCE)
SpEL Injection Vulnerability
Publisher
Previous
Low-code/no-code security risks climb as tools gain tra ...
Trends, Reports, Analysis
Next
Google drops TrustCor certificates as questions loom
Computer, Internet Security
/https://cyware-ent.s3.amazonaws.com/image_bank/f697_shutterstock_1901385850.jpeg)
/https://cyware-ent.s3.amazonaws.com/image_bank/shutterstock_174522401.jpg)
