Hello,
Can any body tell me why Sophos XG 430 WAF use old version of OWASP Modesecurity CRS although there is latest release 3.2.0 is available.
firmware version is SFOS 17.5.9 MR-9
[Mon Jan 27 12:25:43.650238 2020] [security2:error] [pid 25334:tid 140702658754304] [client 39.43.72.228:52802] [client 39.43.72.228] ModSecurity: Warning. Pattern match "([\\\\~\\\\!\\\\@\\\\#\\\\$\\\\%\\\\^\\\\&\\\\*\\\\(\\\\)\\\\-\\\\+\\\\=\\\\{\\\\}\\\\[\\\\]\\\\|\\\\:\\\\;\\"\\\\'\\\\\\xc2\\xb4\\\\\\xe2\\x80\\x99\\\\\\xe2\\x80\\x98\\\\`\\\\<\\\\>].*?){4,}" at ARGS:ctl00$MainContent$ScriptManager1. [file "/content/waf/2.7.3/modsecurity_crs_sql_injection_attacks.conf"] [line "159"] [id "981173"] [rev "2"] [msg "Restricted SQL Character Anomaly Detection Alert - Total # of special characters exceeded"] [data "Matched Data: $ found within ARGS:ctl00$MainContent$ScriptManager1: ctl00$MainContent$UpdatePanel1|ctl00$MainContent$gvLst$ctl03$JobID"] [ver "OWASP_CRS/2.2.7"] [maturity "9"] [accuracy "8"] [tag] [hostname "hcm.asd.com.pk"] [uri "/Trns/ExternalJobCardList.aspx"] [unique_id "Xi6Qd38AAAEAAGL2AEoAAAHa"], referer: comi.asd.com.pk/.../ExternalJobCardList.aspx
This thread was automatically locked due to age.