TEL AVIV, Israel, Dec. 17, 2025 Miggo Security has released a comprehensive benchmark study revealing critical gaps in Web Application Firewall (WAF) protection, with the discovery of React2Shell (CVE-2025-55182) serving as a stark real-world validation of those weaknesses.
The research, titled “Beat the Bypass: A Benchmark Study of WAF Weaknesses and AI Mitigation,” demonstrates that traditional WAF approaches are fundamentally insufficient against modern, AI-enabled threats.
The study analyzed over 360 CVEs across major WAF vendors and uncovered a troubling reality: 52% of exploits bypass default WAF rules even under optimal conditions.
This finding challenges the conventional wisdom that WAFs alone can protect enterprises from critical vulnerabilities.
The research frames a strategic imperative for modern security teams: WAFs remain essential infrastructure, but they cannot function as a reliable mitigation layer for critical CVEs or emerging AI-driven threats without significant augmentation.
React2Shell exemplifies the exposure-window problem. This CVSS 10.0 vulnerability exploits complex deserialization logic within the Flight protocol used by React Server Components, precisely the area where standard WAF signatures, which match generic attack patterns rather than application-specific request semantics, rarely detect threats.
Weaknesses in Web Application Firewalls
Exploit code for the vulnerability became available within hours of disclosure, yet traditional WAF vendors required an average of 41 days to develop and release CVE-specific rule updates.
This 41-day gap is the modern exposure window in which organizational damage typically occurs: the period during which a working exploit is public but no vendor rule matches it.
The financial impact of WAF deficiencies is substantial. Miggo’s research estimates that mid-sized enterprises face roughly $6 million in annual potential losses due to operational WAF inadequacies, encompassing exposure-window risk, unnecessary remediation costs, and the impact of false positives.
However, the research also offers a promising solution: AI-augmented WAF protection. When rules are tailored with artificial intelligence to specific vulnerabilities and application context rather than to generic attack patterns, coverage jumps dramatically, to 91% or higher for previously bypassed vulnerabilities.
This represents a fundamental shift in WAF architecture, from reactive, manual signature generation to proactive, exploit-aware rule creation powered by runtime intelligence.
Daniel Shechter, CEO and co-founder of Miggo Security, articulated the core problem: “WAFs are critical, but they cannot win the AI-enabled zero-day race alone.
The React2Shell vulnerabilities are the textbook example of why the old model fails. The only way to close this 41-day gap is shifting from slow, generic signatures to fast, exploit-aware rules generated by runtime intelligence.”
Industry veterans validate these findings. Andy Ellis, former Chief Security Officer of Akamai, emphasized the untapped potential: “Runtime augmentation provides the necessary intelligence and automation to transform the WAF into a reliable, high-confidence defense layer for all critical CVEs, not just reactive, one-off fixes.”
React2Shell Raises Concerns Over Web Security
Julien Bellanger, former Imperva CMO and co-founder of RASP pioneer Prevoty, reinforced the imperative: “The data validates an uncomfortable truth: vulnerabilities are weaponized faster than manual processes can handle.
The moment a vulnerability is in the wild, an arms race begins where AI attackers outpace traditional defenses. The imperative is making WAFs smarter and more automated.”
Miggo Security’s Application Detection and Response (ADR) solution addresses these gaps by delivering AI-powered runtime protection, enabling organizations to reduce exposure windows by up to 99% while cutting operational overhead by 30% or more.
The company has been recognized as a Gartner Cool Vendor 2025 for AI Security and received Frost & Sullivan’s Product Innovation Award 2025.
The React2Shell discovery underscores an uncomfortable reality: traditional security infrastructure must evolve to meet contemporary threats, or organizations face mounting losses and extended vulnerability exposure windows.
