Radware Cloud Web Application Firewall Filter Bypass Vulnerability

Vulnerability

A filter bypass vulnerability has been identified in Radware Cloud Web Application Firewall (WAF) versions prior to 2025-05-07. This vulnerability allows remote attackers to evade firewall protections by inserting random data into the HTTP request body while using the HTTP GET method. Additionally, the WAF can be bypassed by including special characters in the request, which the firewall fails to properly validate, allowing various payloads to reach the underlying web application.
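One defensive check for the first bypass condition described above, as an added example (not code from this page or from Radware): a filter for the origin server or a log pipeline that flags GET/HEAD requests carrying a body, so they can be rejected or alerted on independently of the WAF. The function names and sample requests are constructed for illustration.

```python
# Added example: flag GET/HEAD requests that carry a request body.
# Names and sample requests are constructed; they are not from the advisory.

BODYLESS_METHODS = {"GET", "HEAD"}

def parse_request(raw: bytes):
    """Split a raw HTTP/1.1 request into (method, headers, body)."""
    head, _, body = raw.partition(b"\r\n\r\n")
    lines = head.decode("latin-1").split("\r\n")
    method = lines[0].split(" ", 1)[0].upper()
    headers = {}
    for line in lines[1:]:
        name, _, value = line.partition(":")
        # Keep every value: duplicate Content-Length headers are themselves suspect.
        headers.setdefault(name.strip().lower(), []).append(value.strip())
    return method, headers, body

def body_on_bodyless_method(raw: bytes):
    """Return the reasons a request should be flagged; empty list if clean."""
    method, headers, body = parse_request(raw)
    if method not in BODYLESS_METHODS:
        return []
    reasons = []
    for value in headers.get("content-length", []):
        # A non-numeric or positive Content-Length announces a body.
        if not value.isdigit() or int(value) > 0:
            reasons.append(f"content-length={value!r}")
    if "transfer-encoding" in headers:
        reasons.append("transfer-encoding present")
    if body:
        reasons.append(f"{len(body)} body bytes after headers")
    return reasons

# Constructed sample requests (host and paths are placeholders).
SAMPLES = {
    "plain_get": b"GET /search?q=test HTTP/1.1\r\nHost: app.example\r\n\r\n",
    "get_with_body": (b"GET /search HTTP/1.1\r\nHost: app.example\r\n"
                      b"Content-Length: 11\r\n\r\nfiller-data"),
    "get_chunked": (b"GET /search HTTP/1.1\r\nHost: app.example\r\n"
                    b"Transfer-Encoding: chunked\r\n\r\n"),
    "post_with_body": (b"POST /login HTTP/1.1\r\nHost: app.example\r\n"
                       b"Content-Length: 3\r\n\r\na=1"),
}

if __name__ == "__main__":
    for name, raw in SAMPLES.items():
        reasons = body_on_bodyless_method(raw)
        print(f"{name}: {'FLAG ' + '; '.join(reasons) if reasons else 'ok'}")
```

Rejecting flagged requests at the origin (for example with a 400 response) keeps the application from depending on the WAF's handling of this request shape.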

Impact

Exploitation of this vulnerability allows attackers to bypass WAF filtering, enabling malicious inputs to reach the protected web application without interference from the firewall.

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread: 0.0
impact: 0.6
exploitability: 7.4
remediation: 0.0
relevance: 0.0
threat: 0.0
urgency: 2.9
incentive: 5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.