AWS waf medium security documentation change
Summary
Added documentation for new 'WindowsShellCommands_QUERYSTRING' rule detecting command injection in query strings
Security assessment
Explicitly documents a new security rule targeting WindowsShell command injection attacks in query strings, expanding protection against code execution vulnerabilities.
Diff
diff --git a/waf/latest/developerguide/aws-managed-rule-groups-use-case.md b/waf/latest/developerguide/aws-managed-rule-groups-use-case.md index 3f6e6a37b..8de580e72 100644 --- a//waf/latest/developerguide/aws-managed-rule-groups-use-case.md +++ b//waf/latest/developerguide/aws-managed-rule-groups-use-case.md @@ -127,0 +128 @@ Rule name | Description and label +`WindowsShellCommands_QUERYSTRING` | Inspects the query string and blocks WindowsShell command injection attempts in web applications. The match patterns represent WindowsShell commands. Example patterns include `||nslookup` and `;cmd`. Rule action: Block Label: `awswaf:managed:aws:windows-os:WindowsShellCommands_QueryString`