WAF - WAF Release - 2026-04-15
2mo ago
Source
CloudflareWAF - WAF Release - 2026-04-15cloudflare.comThis week's release introduces a new detection for a critical Remote Code Execution (RCE) vulnerability in Mesop (CVE-2026-33057), alongside protections for high-impact vulnerabilities in Cisco Secure Firewall Management Center (CVE-2026-20079) and FortiClient EMS (CVE-2026-21643). Additionally, this release includes an update to our existing React Server DoS coverage to address recently identified resource exhaustion vectors (CVE-2026-23869). Key Findings Cisco Secure FMC (CVE-2026-20079): A vulnerability in the web-based management interface of Cisco Secure Firewall Management Center (FMC) that allows an unauthenticated, remote attacker to execute arbitrary commands or bypass security filters. FortiClient EMS (CVE-2026-21643): A critical vulnerability in the FortiClient EMS permitting unauthorized access or administrative configuration manipulation via crafted HTTP requests. Mesop (CVE-2026-33057): A vulnerability in the Mesop Python-based UI framework where unauthenticated attackers can execute arbitrary code by sending specially crafted, Base64-encoded payloads in the request body. Impact Successful exploitation of these vulnerabilities could allow unauthenticated attackers to execute arbitrary code, gain administrative control over network management infrastructure, or trigger server-side resource exhaustion. Administrators are strongly encouraged to apply official vendor updates. Ruleset Rule ID Legacy Rule ID Description Previous Action New Action Comments Cloudflare Managed Ruleset 7767165cda1841b8b6e5abb7aef9415b N/A Cisco Secure FMC - RCE via upgradeReadinessCall - CVE:CVE-2026-20079 Log Block This is a new detection. Cloudflare Managed Ruleset 3dd0b2b6f45c4bc08e49bf27ee7be621 N/A FortiClient EMS - Pre-Auth SQL Injection - CVE:CVE-2026-21643 Log Block This is a new detection. Cloudflare Managed Ruleset 0e3a6828906c4b24bad318a9c953a72b N/A Mesop - Remote Code Execution - Base64 Payload - CVE:CVE-2026-33057 Log Block This is a new detection. Cloudflare Managed Ruleset d95aa5410d1b4e98bf7a59d150c08f6f N/A React Server - DOS - CVE:CVE-2026-23864 - 1 - Beta Log Block This rule has been merged into the original rule "React Server - DOS - CVE:CVE-2026-23864 - 1" (ID: aaede80b4d414dc89c443cea61680354 ) Cloudflare Managed Ruleset 7d6757e8a28f4853a72b4ce6ebd81645 N/A XSS, HTML Injection - Link Tag - URI (beta) N/A Disabled This is a new detection. Cloudflare Managed Ruleset 5e69d599ad634c81abe36a5f0af34bba N/A XSS, HTML Injection - Embed Tag - URI (beta) N/A Disabled This is a new detection.
You might also wanna read
Cloudflare expands AI bot management tools with granular traffic controls for all customers
Cloudflare is celebrating the second "Content Independence Day" by expanding AI traffic management options for all website owners. Building
Workers - Simpler runtime types with @cloudflare/workers-types v5
Cloudflare·1d ago
AI Search - Manage AI Search sync jobs with Wrangler CLI
Cloudflare·2d ago
Workers - Work across multiple accounts with Wrangler auth profiles
Cloudflare·2d ago
Cache - Cache multiple versions of a URL with Vary
Cloudflare·2d ago
Cloudflare One - Hostname routing for Cloudflare Mesh
Cloudflare·2d ago

Comments
Sign in to join the conversation.
No comments yet. Be the first.