WAF Release - 2026-07-17 - Emergency
This emergency release adds a new managed rule to block active exploitation of a critical remote code execution (RCE) and SQL injection (SQLi) vulnerability found in popular web frameworks.
Key Findings
-
Generic Frameworks - Unauthenticated RCE: Attackers can execute arbitrary system commands with web server privileges by sending malicious input containing invalid path sequences during request processing.
-
Generic Frameworks - SQLi: Attackers can execute unauthorized database queries due to a failure to sanitize input values within request parameters.
| Ruleset | Rule ID | Legacy Rule ID | Description | Previous Action | New Action | Comments |
|---|---|---|---|---|---|---|
| Cloudflare Managed Ruleset | N/A | Generic Rules - Unauthenticated RCE | N/A | Block | This is a new detection. | |
| Cloudflare Managed Ruleset | N/A | Generic Rules - SQLi | N/A | Block | This is a new detection. | |
| Cloudflare Free Ruleset | N/A | Generic Rules - Unauthenticated RCE | N/A | Block | This is a new detection. | |
| Cloudflare Free Ruleset | N/A | Generic Rules - SQLi | N/A | Block | This is a new detection. |