WAF Bypass Vulnerability in Akamai App & API Protector by Akamai
CVE-2025-30143
Currently unrated
What is CVE-2025-30143?
A vulnerability has been identified in Akamai App & API Protector, where Rule 3000216 fails to appropriately handle JavaScript variable assignments that lead to the use of built-in functions and properties. This oversight can be exploited to bypass the Web Application Firewall (WAF), potentially allowing unauthorized access to web applications. Recommended actions include updating the product to the latest version and reviewing security configurations to mitigate any risks associated with this vulnerability. For further details, refer to Akamai's official documentation and changelog.