WAF - WAF Release - 2025-10-20
8mo ago
Source
CloudflareWAF - WAF Release - 2025-10-20cloudflare.comThis week’s update introduces an enhanced rule that expands detection coverage for a critical vulnerability in Oracle E-Business Suite. It also improves an existing rule to provide more reliable coverage in request processing. Key Findings New WAF rule deployed for Oracle E-Business Suite (CVE-2025-61882) to block unauthenticated attacker's network access via HTTP to compromise Oracle Concurrent Processing. If successfully exploited, this vulnerability may result in remote code execution. Impact Successful exploitation of CVE-2025-61882 allows unauthenticated attackers to execute arbitrary code remotely by chaining multiple weaknesses, enabling lateral movement into internal services, data exfiltration, and large-scale extortionware deployment within Oracle E-Business Suite environments. Ruleset Rule ID Legacy Rule ID Description Previous Action New Action Comments Cloudflare Managed Ruleset 933fc13202cd4e8ba498c0f32b4101ab 100598A Remote Code Execution - Common Bash Bypass - Beta Log Block This rule is merged into the original rule "Remote Code Execution - Common Bash Bypass" (ID: f8238867ed3e4d3a9a7b731a50cec478 ) Cloudflare Managed Ruleset 185b5df42d1e44e0aeb8f8b8a1118614 100916A Oracle E-Business Suite - Remote Code Execution - CVE:CVE-2025-61882 - 2 Log Block This is a New Detection Cloudflare Managed Ruleset 646bccf7e9dc46918a4150d6c22b51d3 N/A HTTP Truncated N/A Disabled This is a New Detection
You might also wanna read
Cloudflare expands AI bot management tools with granular traffic controls for all customers
Cloudflare is celebrating the second "Content Independence Day" by expanding AI traffic management options for all website owners. Building
Workers - Simpler runtime types with @cloudflare/workers-types v5
Cloudflare·1d ago
Cache - Cache multiple versions of a URL with Vary
Cloudflare·2d ago
AI Search - Manage AI Search sync jobs with Wrangler CLI
Cloudflare·2d ago
Cloudflare One - Hostname routing for Cloudflare Mesh
Cloudflare·2d ago
Workers - Work across multiple accounts with Wrangler auth profiles
Cloudflare·2d ago

Comments
Sign in to join the conversation.
No comments yet. Be the first.