
WAF - WAF Release - 2026-04-21


Source: Cloudflare, "WAF - WAF Release - 2026-04-21" (cloudflare.com)

Snippet from the RSS feed:
This week's release introduces a new detection for a Remote Code Execution (RCE) vulnerability in Apache ActiveMQ (CVE-2026-34197) and an updated signature for Magento 2 - Unrestricted File Upload. Alongside these detections, we are continuing our work on rule refinements to provide deeper security insights for our customers.

Key Findings

- Apache ActiveMQ (CVE-2026-34197): A vulnerability in Apache ActiveMQ allows an unauthenticated, remote attacker to execute arbitrary code. This flaw occurs during the processing of specially crafted network packets, leading to potential full system compromise.
- Magento 2 - Unrestricted File Upload - 2: This is a follow-up enhancement to our existing protections for Magento and Adobe Commerce.

Impact

Successful exploitation of these vulnerabilities could allow unauthenticated attackers to execute arbitrary code or gain full administrative control over affected servers. We strongly recommend applying official vendor patches for Apache ActiveMQ and Magento to address the underlying vulnerabilities.

Continuous Rule Improvements

We are continuously refining our managed rules to provide more resilient protection and deeper insights into attack patterns. To ensure an optimal security posture, we recommend consistently monitoring the Security Events dashboard and adjusting rule actions as these enhancements are deployed.

| Ruleset | Rule ID | Legacy Rule ID | Description | Previous Action | New Action | Comments |
|---|---|---|---|---|---|---|
| Cloudflare Managed Ruleset | ff8df24181aa4573a81be531ee159e2e | N/A | Command Injection - Generic 8 - uri | Log | Block | This is a new detection. Previous description was "Command Injection - Generic 8 - uri - Beta" |
| Cloudflare Managed Ruleset | 9429b63c137247faadeb8a29a15308cf | N/A | Command Injection - Generic 8 - body - Beta | Disabled | Disabled | This is a new detection. This rule is merged into the original rule "Command Injection - Generic 8 - body" (ID: 5b3ce84c099040c6a25cee2d413592e2). The rule previously known as "Command Injection - Generic 8" is now renamed to "Command Injection - Generic 8 - body". |
| Cloudflare Managed Ruleset | 85aaf5db9e0c4237b87e837e958047ed | N/A | MySQL - SQLi - Executable Comment - Beta | Log | Block | This is a new detection. This rule is merged into the original rule "MySQL - SQLi - Executable Comment - Body" (ID: 8629bb58defe4193ab4d493c7bd2d8fa). The rule previously known as "MySQL - SQLi - Executable Comment" is now renamed to "MySQL - SQLi - Executable Comment - Body". |
| Cloudflare Managed Ruleset | d19cd574c4644952881a6f3a582cc559 | N/A | MySQL - SQLi - Executable Comment - Headers | Log | Block | This is a new detection. |
| Cloudflare Managed Ruleset | 407f9ec8a17348dfba3b9450a16639d3 | N/A | MySQL - SQLi - Executable Comment - URI | Log | Block | This is a new detection. |
| Cloudflare Managed Ruleset | d07e6dbf15664b99b37b0d2544f24211 | N/A | Magento 2 - Unrestricted file upload - 2 | Log | Block | This is a new detection. |
| Cloudflare Managed Ruleset | 26ef21cb197b44fc8a98b7cebf170a17 | N/A | Apache ActiveMQ - Remote Code Execution - CVE:CVE-2026-34197 | Log | Block | This is a new detection. |
| Cloudflare Managed Ruleset | 7f7bc3d28a8e43bf97bd15d68c2ac1a7 | N/A | SQLi - Sleep Function - Beta | Log | Block | This is a new detection. This rule is merged into the original rule "SQLi - Sleep Function" (ID: 2c333735f7b24566b17cb64ef77e8d54) |
| Cloudflare Managed Ruleset | 3872e5638bdf4bf0943a80394dacaeb8 | N/A | SQLi - Sleep Function - Headers | Log | Block | This is a new detection. |
| Cloudflare Managed Ruleset | bebce8fadfa94ccab09eb74fed4c9ece | N/A | SQLi - Sleep Function - URI | Log | Block | This is a new detection. |
| Cloudflare Managed Ruleset | 7a40eed5a8654a50a2598a821dfa64df | N/A | SQLi - Probing - uri | Log | Block | This is a new detection. |
| Cloudflare Managed Ruleset | 15c6b2ce033949b2a1a9f9454c62e2e7 | N/A | SQLi - Probing - header | Log | Block | This is a new detection. |
| Cloudflare Managed Ruleset | fc9d800b7a724181af8d5650aab28ea1 | N/A | SQLi - Probing - body | Disabled | Disabled | This is a new detection. This rule is merged into the original rule "SQLi - Probing" (ID: 2c20b5e8684043f48620ff77b4026c88) |
| Cloudflare Managed Ruleset | 945c5aa9f45141dd872d7ec920999be0 | N/A | SQLi - Probing 2 | Disabled | Disabled | This rule had duplicate detection logic and has been deprecated. |
| Cloudflare Managed Ruleset | f1771273700342758e73cf16d7aa0008 | N/A | SQLi - UNION in MSSQL - Body | Disabled | Disabled | This rule has been renamed to differentiate from "SQLi - UNION in MSSQL" (ID: ef7db598c7654c729d9db56fee5e35fd) and contains updated rule logic. |
| Cloudflare Managed Ruleset | 3ffd242b4ba242ca965022d3a67d8561 | N/A | SQLi - UNION - 3 | Disabled | Disabled | This rule had duplicate detection logic and has been deprecated. |
| Cloudflare Managed Ruleset | 5e69d599ad634c81abe36a5f0af34bba | N/A | XSS, HTML Injection - Embed Tag - URI | Disabled | Disabled | This is a new detection. |
| Cloudflare Managed Ruleset | 2635275641bf44d4bad6a2e170282f38 | N/A | XSS, HTML Injection - Embed Tag - Headers | Log | Block | This is a new detection. |
| Cloudflare Managed Ruleset | b3d033ea9f364574b0a2ec4223f4d718 | N/A | XSS, HTML Injection - IFrame Tag - Src and Srcdoc Attributes - Headers | Log | Disabled | This is a new detection. |
| Cloudflare Managed Ruleset | 76c37816ef5c4997ab2080a36978def1 | N/A | XSS, HTML Injection - Link Tag - Headers | Log | Disabled | This is a new detection. |
| Cloudflare Managed Ruleset | 7d6757e8a28f4853a72b4ce6ebd81645 | N/A | XSS, HTML Injection - Link Tag - URI | Disabled | Disabled | This is a new detection. |
