Three-Tier Protection Rules • Basic Protection: Pre-configured, general and popular security rules for out-of-box deployment.• Optional/Advanced Protection: Advanced rules, customized for specific Web/API applications for optimum protection. Basic ProtectionHTTP Protocol Verification Server Plug-in Crawler Web General Illegal Upload Information Disclosure Semantic Engine Scan ProtectionOptional ProtectionHTTP Access Control Sensitive Information Filter...
Autor: NSFOCUS
Microsoft’s April Security Update of High-Risk Vulnerabilities in Multiple Products
Overview On April 9, NSFOCUS CERT detected that Microsoft released a security update patch for April, fixing 126 security problems in widely used products such as Windows, Microsoft Office, Azure, Microsoft Edge for iOS, Microsoft Visual Studio, etc. This includes high-risk vulnerabilities such as privilege escalation and remote code execution....
NSFOCUS WAF New UI Walkthrough: Site Configuration
Basic Information Core Details: Site name, server info, domain names, etc. Modular Editing: Edit/save individual modules (e.g., basic info, server settings, domains) independently with real-time updates to reduce possible mistakes during configuration. Functional Configuration Manage Advanced Features in One Page Traffic Stats: One-click enable/disable traffic statistics and visit tracking, with...
Vite Arbitrary File Read Vulnerability (CVE-2025-31486)
Overview Recently, NSFOCUS CERT detected that Vite issued a security bulletin to fix the Vite arbitrary file read vulnerability (CVE-2025-31486); Because the Vite development server does not strictly verify the path when processing URL requests, unauthenticated attackers can bypass path access restrictions by constructing special URLs and read arbitrary files...
Vite Arbitrary File Read Vulnerability (CVE-2025-31125)
Overview Recently, NSFOCUS CERT detected that Vite issued a security bulletin to fix the Vite arbitrary file read vulnerability (CVE-2025-31125); Because the Vite development server does not strictly verify the path when processing URL requests, unauthenticated attackers can bypass path access restrictions by constructing special URLs and read arbitrary files...
New UI for NSFOCUS WAF V6.0R09F00 – Experience a Smoother Site Management
NSFOCUS understands that the Security Operations team is facing increasing threats to their web applications and workloads are rising accordingly, a simple yet easy-to-use WAF has become more important than ever for effective Security Operations. The upcoming NSFOCUS Web Application Firewall (WAF) V6.0R09F00 (hereafter called as 6090) not only comprehensively...
