A SQL Injection bypass was discovered for Akamai WAF using HPP (HTTP Parameter Pollution) technique. The payload used was 'q=1'Union DistinctRow/*&q=*/Select 1'. This bypass allows an attacker to inject malicious SQL code into the query and retrieve sensitive data. It is recommended for Akamai to patch this vulnerability immediately to prevent exploitation. #hack2learn ?
#SQL Injection #Bypass Akamai #WAF
(Using #HPP)q=1'Union DistinctRow/*&q=*/Select 1#hack2learn ? pic.twitter.com/HUe6smh632
— Brute Logic (@BRuteLogic) October 31, 2024