Firewall Bypass Vulnerability in Radware's Cloud Web Application Firewall
CVE-2024-56524

9.1CRITICAL

Key Information:

Vendor: Radware
Status: Cloud Web Application Firewall
Vendor: CVE Published:; 12 May 2025

What is CVE-2024-56524?

A vulnerability in Radware's Cloud Web Application Firewall allows remote attackers to bypass critical firewall filters by injecting a specific character into the request. This flaw exposes web applications protected by the WAF to potential exploitation, as the bypass can lead to unauthorized access and data breaches. It is crucial for users and administrators to upgrade to the latest version to mitigate this risk and ensure robust protection for their applications.

References

https://radware.com/solutions/cloud-security/

https://www.kb.cert.org/vuls/id/722229

CVSS V3.1

Score:

9.1

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 12, 2025
Vulnerability Reserved
Dec 27, 2024

CVE-2024-56524 Data

JSON