Full Report
AWS WAF only supports plain text and JSON by default. When it finds invalid JSON (such as an object with a duplicate key), the default option is to proceed with the JSON anyway; another option is to evaluate the body as plain text. The JSON evaluation happens before string matching, so by providing a JSON object with a duplicate key (which AWS considers invalid), we can add arbitrary text to bypass the WAF. Another issue they found concerned escape sequences: AWS did not evaluate JSON escape sequences, but most servers do. Where input validation matters on a particular key in the JSON, escape sequences can be used to bypass that check in the key name. Trying to make the perfect WAF is a losing battle. I do enjoy parser differential vulnerabilities, so I did enjoy this article though!
Analysis Summary
# Vulnerability: AWS WAF Bypass via Invalid JSON Processing and Escape Sequence Handling
## CVE Details
- CVE ID: Not specified in the article.
- CVSS Score: Not specified in the article.
- CWE: Not specified in the article, but related to improper input validation or parser differences (CWE-20, CWE-915).
## Affected Systems
- Products: AWS WAF (Web Application Firewall)
- Versions: Unspecified, applicable to configurations using default JSON parsing behavior.
- Configurations: When inspecting request bodies that are expected to be JSON.
## Vulnerability Description
The vulnerability stems from discrepancies in how AWS WAF parses input compared to backend servers, primarily concerning JSON content:
1. **Invalid JSON (Duplicate Keys):** AWS WAF supports JSON inspection. When it encounters an invalid JSON object, such as one containing duplicate keys, its default behavior is to continue JSON evaluation, and the alternative setting evaluates the body as plain text; neither blocks the request. Since the evaluation of the JSON structure happens *before* string matching rules are applied, an attacker can embed a payload within a structure that the WAF deems invalid (due to duplicate keys) but which the backend server processes in a way that escapes WAF inspection (e.g., the backend keeps only the value of the last occurrence of the key).
2. **Escape Sequence Handling:** AWS WAF does not fully evaluate JSON escape sequences (such as Unicode escapes). Most backend servers receiving the request *do* decode them. This differential allows an attacker to write a JSON key or value with escape sequences that the WAF sees as benign but which the backend decodes into the real key or value, potentially bypassing input validation rules configured on specific keys.
## Exploitation
- Status: PoC described conceptually; no mention of active exploitation in the wild for these specific vectors.
- Complexity: Likely **Low** given that the bypass relies on observed default/unintended behavior of the parser interaction.
- Attack Vector: **Network** (via crafted HTTP requests).
## Impact
- Confidentiality: Potential for sensitive data exfiltration or access if the bypass leads to SQLi or RCE. (Impact not explicitly quantified.)
- Integrity: High potential for integrity loss, since the bypass defeats rules that protect integrity (e.g., those blocking XSS or SQLi).
- Availability: Low direct impact, but successful exploitation causing application failure could affect availability.
## Remediation
### Patches
- No specific CVE or patch version identified in the provided text. Remediation relies on configuration changes.
### Workarounds
- **Configure Strict JSON Handling:** Ensure that if JSON parsing is used, the WAF or underlying infrastructure is configured to reject invalid JSON (e.g., objects with duplicate keys) instead of continuing processing.
- **Disable Default Processing for Invalid Input:** If an option exists, choose to block requests flagged as invalid JSON rather than evaluating them as plaintext or proceeding normally.
- **Validate Escape Sequence Handling:** Implement application-side validation that strictly controls or sanitizes input before processing, assuming that backend servers will decode all valid JSON escape sequences.
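The two parser behaviours described under Vulnerability Description, and the first and third workarounds above, can be checked backend-side in a few lines. The following is an added example written for this summary, not code from the article or from AWS: it contrasts Python's default `json.loads` (last duplicate key wins, escapes decoded) with a strict decoder that rejects duplicate keys at any nesting depth via `object_pairs_hook`, and it runs a deny-list check on key names only *after* decoding, so a `\u`-escaped key name cannot slip past it. The request bodies, the key names and the `inspect_body` helper are constructed for the example.

```python
import json
import re
from typing import Any, Dict, Iterator, List, Set, Tuple

# Constructed sample bodies (not taken from the article).
DUPLICATE_KEY_BODY = '{"action": "read", "action": "delete"}'
NESTED_DUPLICATE_BODY = '{"user": {"role": "guest", "role": "admin"}}'
# "action" with the letter i written as the JSON escape \u0069.
ESCAPED_KEY_BODY = '{"act\\u0069on": "delete"}'


class InvalidJSONError(ValueError):
    """Raised when a body parses as JSON but violates the strict policy."""


def _reject_duplicate_keys(pairs: List[Tuple[str, Any]]) -> Dict[str, Any]:
    # json.loads calls this hook once per object (nested objects included)
    # with that object's key/value pairs in document order, so a repeated
    # key is visible here even though a plain dict would silently overwrite it.
    obj: Dict[str, Any] = {}
    for key, value in pairs:
        if key in obj:
            raise InvalidJSONError(f"duplicate key {key!r}")
        obj[key] = value
    return obj


def lenient_loads(body: str) -> Any:
    """Default parser behaviour: the last occurrence of a duplicate key wins."""
    return json.loads(body)


def strict_loads(body: str) -> Any:
    """Parse with duplicate keys rejected; escape sequences are still decoded."""
    return json.loads(body, object_pairs_hook=_reject_duplicate_keys)


def raw_text_mentions_key(body: str, key: str) -> bool:
    """A naive check on the undecoded text, the kind an escape sequence defeats."""
    return re.search(r'"' + re.escape(key) + r'"\s*:', body) is not None


def _all_keys(value: Any) -> Iterator[str]:
    # Walk the decoded structure and yield every object key at any depth.
    if isinstance(value, dict):
        for k, v in value.items():
            yield k
            yield from _all_keys(v)
    elif isinstance(value, list):
        for item in value:
            yield from _all_keys(item)


def inspect_body(body: str, denied_keys: Set[str]) -> Tuple[str, str]:
    """Accept or reject a request body.

    Returns ("reject", reason) or ("accept", ""). Invalid JSON is rejected
    outright rather than passed on, and key names are checked after decoding.
    """
    try:
        decoded = strict_loads(body)
    except InvalidJSONError as exc:
        return "reject", f"invalid JSON: {exc}"
    except json.JSONDecodeError as exc:
        return "reject", f"malformed JSON: {exc.msg}"
    for key in _all_keys(decoded):
        if key in denied_keys:
            return "reject", f"denied key {key!r} after decoding"
    return "accept", ""


if __name__ == "__main__":
    print("lenient:", lenient_loads(DUPLICATE_KEY_BODY))
    print("raw text sees 'action' in escaped body:",
          raw_text_mentions_key(ESCAPED_KEY_BODY, "action"))
    for body in (DUPLICATE_KEY_BODY, NESTED_DUPLICATE_BODY, ESCAPED_KEY_BODY):
        print(inspect_body(body, {"action"}))
```

The same `object_pairs_hook` pattern works for any Python service that consumes JSON; the point is that the decision about duplicate keys and the key-name check both happen on the same decoded representation the application will later act on, so there is no second parser for a request to disagree with.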
## Detection
- **Log Monitoring:** Monitor WAF logs for requests that are categorized as "Invalid JSON" or are successfully processed despite having structural issues in the body content.
- **Rule Tuning:** Review custom rules to ensure they account for potential string manipulation via escape sequences, or enhance rules to specifically look for encoded payloads in parameters that are expected to be clean text.
## References
- Vendor advisories: None specified.
- Relevant links (defanged):
  - hxxps://blog.sicuranext.com/aws-waf-bypass/