WAF - WAF Release - 2025-05-27
1y ago
Source
CloudflareWAF - WAF Release - 2025-05-27cloudflare.comThis week’s roundup covers nine vulnerabilities, including six critical RCEs and one dangerous file upload. Affected platforms span cloud services, CI/CD pipelines, CMSs, and enterprise backup systems. Several are now addressed by updated WAF managed rulesets. Key Findings Ingress-Nginx (CVE-2025-1098): Unauthenticated RCE via unsafe annotation handling. Impacts Kubernetes clusters. GitHub Actions (CVE-2025-30066): RCE through malicious workflow inputs. Targets CI/CD pipelines. Craft CMS (CVE-2025-32432): Template injection enables unauthenticated RCE. High risk to content-heavy sites. F5 BIG-IP (CVE-2025-31644): RCE via TMUI exploit, allowing full system compromise. AJ-Report (CVE-2024-15077): RCE through untrusted template execution. Affects reporting dashboards. NAKIVO Backup (CVE-2024-48248): RCE via insecure script injection. High-value target for ransomware. SAP NetWeaver (CVE-2025-31324): Dangerous file upload flaw enables remote shell deployment. Ivanti EPMM (CVE-2025-4428, 4427): Auth bypass allows full access to mobile device management. Vercel (CVE-2025-32421): Information leak via misconfigured APIs. Useful for attacker recon. Impact These vulnerabilities expose critical components across Kubernetes, CI/CD pipelines, and enterprise systems to severe threats including unauthenticated remote code execution, authentication bypass, and information leaks. High-impact flaws in Ingress-Nginx, Craft CMS, F5 BIG-IP, and NAKIVO Backup enable full system compromise, while SAP NetWeaver and AJ-Report allow remote shell deployment and template-based attacks. Ivanti EPMM’s auth bypass further risks unauthorized control over mobile device fleets. GitHub Actions and Vercel introduce supply chain and reconnaissance risks, allowing malicious workflow inputs and data exposure that aid in targeted exploitation. Organizations should prioritize immediate patching, enhance monitoring, and deploy updated WAF and IDS signatures to defend against likely active exploitation. Ruleset Rule ID Legacy Rule ID Description Previous Action New Action Comments Cloudflare Managed Ruleset 6a61a14f44af4232a44e45aad127592a 100746 Vercel - Information Disclosure Log Disabled This is a New Detection Cloudflare Managed Ruleset bd30b3c43eb44335ab6013c195442495 100754 AJ-Report - Remote Code Execution - CVE:CVE-2024-15077 Log Block This is a New Detection Cloudflare Managed Ruleset 6a13bd6e5fc94b1d9c97eb87dfee7ae4 100756 NAKIVO Backup - Remote Code Execution - CVE:CVE-2024-48248 Log Block This is a New Detection Cloudflare Managed Ruleset a4af6f2f15c9483fa9eab01d1c52f6d0 100757 Ingress-Nginx - Remote Code Execution - CVE:CVE-2025-1098 Log Disabled This is a New Detection Cloudflare Managed Ruleset bd30b3c43eb44335ab6013c195442495 100759 SAP NetWeaver - Dangerous File Upload - CVE:CVE-2025-31324 Log Block This is a New Detection Cloudflare Managed Ruleset dab2df4f548349e3926fee845366ccc1 100760 Craft CMS - Remote Code Execution - CVE:CVE-2025-32432 Log Block This is a New Detection Cloudflare Managed Ruleset 5eb23f172ed64ee08895e161eb40686b 100761 GitHub Action - Remote Code Execution - CVE:CVE-2025-30066 Log Disabled This is a New Detection Cloudflare Managed Ruleset 827037f2d5f941789efcba6260fc041c 100762 Ivanti EPMM - Auth Bypass - CVE:CVE-2025-4428, CVE:CVE-2025-4427 Log Block This is a New Detection Cloudflare Managed Ruleset ddee6d1c4f364768b324609cebafdfe6 100763 F5 Big IP - Remote Code Execution - CVE:CVE-2025-31644 Log Disabled This is a New Detection
You might also wanna read
Cloudflare expands AI bot management tools with granular traffic controls for all customers
Cloudflare is celebrating the second "Content Independence Day" by expanding AI traffic management options for all website owners. Building
Workers - Simpler runtime types with @cloudflare/workers-types v5
Cloudflare·1d ago
AI Search - Manage AI Search sync jobs with Wrangler CLI
Cloudflare·2d ago
Workers - Work across multiple accounts with Wrangler auth profiles
Cloudflare·2d ago
Cache - Cache multiple versions of a URL with Vary
Cloudflare·2d ago
Cloudflare One - Hostname routing for Cloudflare Mesh
Cloudflare·2d ago

Comments
Sign in to join the conversation.
No comments yet. Be the first.