Fortinet has released new WAF rules designed to detect and block critical vulnerabilities including Fortinet authentication bypass and Magento file upload vulnerabilities. Additionally, the update introduces three new generic rules specifically aimed at blocking HTTP Parameter Pollution (HPP) attacks, which can be used to manipulate web applications by injecting multiple HTTP parameters. These enhancements improve security by preventing attackers from exploiting these common weaknesses. Fortinet users should update their WAF configurations to include these new rules to better protect their web applications from these types of attacks.
For more insights, check out the original tweet here: https://twitter.com/CFchangelog/status/2038799879321821429