Two New WAF Rules Released for CVE-2024-28000 Vulnerability

We are excited to announce that the BitNinja team has released two new Web Application Firewall (WAF) rules designed to protect against the CVE-2024-28000 vulnerability. These rules, numbered 406050 and 406051, specifically target the security flaw found in the WordPress Litespeed Cache plugin.

About the CVE-2024-28000 Vulnerability

The CVE-2024-28000 vulnerability resides in the WordPress Litespeed Cache plugin, a widely used tool for optimizing website performance. This vulnerability could allow attackers to gain unauthorized access to systems, potentially leading to severe security breaches.

The New WAF Rules: 406050 and 406051

At BitNinja, we’ve developed and released WAF rules 406050 and 406051 to block exploitation attempts targeting this vulnerability. These rules are designed to identify and prevent any attempts to exploit CVE-2024-28000, thereby safeguarding WordPress sites from potential attacks.

  • 406050: This rule does not block direct attack attempts but instead prevents access to a specific URL that could expose sensitive information, indicating whether a site might be vulnerable. By blocking this initial access, we can stop attackers from gathering data about the site's weaknesses.
  • 406051: This rule blocks actual attempts to exploit the vulnerability. Specifically, it ensures that attackers cannot exploit a vulnerable WordPress site to create a new administrative user with elevated privileges. This rule acts as a barrier against malicious activity.

Real-World Impact of WAF Rule 406051

Since the release of the 406051 rule, it has already proven highly effective. We have blocked 531 requests originating from different IP addresses attempting to exploit the CVE-2024-28000 vulnerability. These malicious requests have been targeting a wide range of domains. The number of blocked requests continues to grow as new attacks surface, showing the ongoing threat posed by this vulnerability.

Based on User Recommendations

The development and release of these new rules were driven by a user recommendation that highlighted the risks associated with the CVE-2024-28000 vulnerability. At BitNinja, we greatly value user feedback and respond swiftly to suggestions to ensure the best possible protection for our customers.

What This Means for BitNinja Users

These new rules have been automatically updated in our BitNinja WAF, so users do not need to take any additional steps to activate this protection. The system will immediately implement the new rules, preventing any exploitation attempts related to CVE-2024-28000.

We remain committed to providing up-to-date security solutions for our clients at BitNinja. If you have any questions regarding this update or need further information, please contact our support team.

trial
If you have no more queries, 
take the next step and sign up!
Don’t worry, the installation process is quick and straightforward!
AICPA SOC BitNinja Server Security
Privacy Shield BitNinja Server Security
GDPR BitNinja Server Security
CCPA BitNinja Server Security
2024 BitNinja. All Rights reserved.
Hexa BitNinja Server SecurityHexa BitNinja Server Security
magnifiercross