Posts

Showing posts from January, 2023

Akamai WAF bypassed via Spring Boot to trigger RCE

Akamai issued an update to resolve the flaw several months ago

A researcher has disclosed a technique that bypassed Akamai web application firewalls (WAF) running Spring Boot, potentially leading to remote code execution (RCE).

Akamai's WAF, which was patched several months ago, has been designed to mitigate the risk of Distributed Denial-of-Service (DDoS) attacks and uses adaptive technologies to block known web security threats.

Security researcher Peter H, who also goes by the pseudonym 'pmnh', said the attack used Spring Expression Language (SpEL) injection. The bug bounty hunter found the bypass with the assistance of Synack pentester Usman Mansha during an engagement with a private Bugcrowd program.

Server-side template injection

A server-side template injection (SSTI) is at the core of the bypass, a technical write-up by Peter H reveals. Vulnerable versions of Spring Boot throw up error messages in a SpEL e...