Version number
V7-WAF-1.0.44

MD5 number
510a9c53da79b81a69decaa38b85b773

Update time
2026-01-07

Update attack list

Key new rules:
------------------------------

49894  CVE-2025-6204_Dassault_Systemes_DELMIA_Apriso_FIle_Upload_Vulnerability[2]
---- Category: Vulnerability
---- Description: Dassault Systemes DELMIA Apriso is an interactive manufacturing application software for digital enterprises
---- developed by Dassault Syst e mes, a French company. The SpokenLanguageIEimploAssault Systemes DELMIA Apriso 2020-2025 version
---- has a security vulnerability due to improper code generation control, which may result in arbitrary code execution. yeeTypeD

49913  CVE-2025-6205_Dassault_Systemes_DELMIA_Apriso_Security_Bypass_Vulnerability[2]
---- Category: Vulnerability
---- Description: Dassault Systemes DELMIA Apriso is an interactive manufacturing application software for digital enterprises
---- developed by Dassault Syst e mes, a French company. Dassault Systemes DELMIA Apriso 2020-2025 versions have a security vulnerability
---- due to a lack of authorization, which may result in privileged access.

49942  CVE-2025-64495_Open_Webui_Arbitrary_Code_Execution_Vulnerability[2]
---- Category: Vulnerability
---- Description: Open-WebUI is a self-hosted AI chat interface system specifically designed for interaction with large language
---- models. There is an arbitrary code execution vulnerability in the Open WebUI. Attackers can induce users to enter malicious
---- HTML/JavaScript code in the Insert Prompt in Rich Text Form function. When this content is directly assigned to the innerHTML
---- attribute of the DOM without filtering or escaping, it causes the malicious script to execute in the user's browser.