WAF - WAF Release - 2025-05-05
Source: cloudflare.com

This week's analysis covers five CVEs with varying impact levels. Four are rated critical, while one is rated high severity. Remote Code Execution vulnerabilities dominate this set.

Key Findings

GFI KerioControl (CVE-2024-52875) contains an unauthenticated Remote Code Execution (RCE) vulnerability affecting firewall appliances. Because exploitation can give an attacker root-level access to the system, this CVE is particularly attractive to threat actors.

The SonicWall SMA vulnerabilities remain concerning because they have been exploited continuously since 2021. Critical vulnerabilities in remote access solutions create dangerous entry points into networks.

Impact

Customers using the Managed Ruleset will receive rule coverage following this week's release. Below is a breakdown of the recommended prioritization based on current exploitation trends:

- GFI KerioControl (CVE-2024-52875): highest priority; unauthenticated RCE
- SonicWall SMA (multiple vulnerabilities): critical for network appliances
- XWiki (CVE-2025-24893): high priority for development environments
- Langflow (CVE-2025-3248): important for AI workflow platforms
- MinIO (CVE-2025-31489): important for object storage implementations

Rule changes in this release (each rule moves from Log to Block):

| Ruleset | Rule ID | Legacy Rule ID | Description | Previous Action | New Action | Comments |
|---|---|---|---|---|---|---|
| Cloudflare Managed Ruleset | 921660147baa48eaa9151077d0b7a392 | 100724 | GFI KerioControl - Remote Code Execution - CVE:CVE-2024-52875 | Log | Block | This is a New Detection |
| Cloudflare Managed Ruleset | a3900934273b4a488111f810717a9e42 | 100748 | XWiki - Remote Code Execution - CVE:CVE-2025-24893 | Log | Block | This is a New Detection |
| Cloudflare Managed Ruleset | 616ad0e03892473191ca1df4e9cf745d | 100750 | SonicWall SMA - Dangerous File Upload - CVE:CVE-2021-20040, CVE:CVE-2021-20041, CVE:CVE-2021-20042 | Log | Block | This is a New Detection |
| Cloudflare Managed Ruleset | 1a11fbe84b49451193ee1ee6d29da333 | 100751 | Langflow - Remote Code Execution - CVE:CVE-2025-3248 | Log | Block | This is a New Detection |
| Cloudflare Managed Ruleset | 5eb7ed601e6844828b9bdb05caa7b208 | 100752 | MinIO - Auth Bypass - CVE:CVE-2025-31489 | Log | Block | This is a New Detection |