This week’s update introduces an enhanced rule that expands detection coverage for a critical vulnerability in Oracle E-Business Suite. It also improves an existing rule to provide more reliable coverage in request processing.
Key Findings
New WAF rule deployed for Oracle E-Business Suite (CVE-2025-61882) to block unauthenticated attacker’s network access via HTTP to compromise Oracle Concurrent Processing. If successfully exploited, this vulnerability may result in remote code execution.
Impact
- Successful exploitation of CVE-2025-61882 allows unauthenticated attackers to execute arbitrary code remotely by chaining multiple weaknesses, enabling lateral movement into internal services, data exfiltration, and large-scale extortionware deployment within Oracle E-Business Suite environments.
| Ruleset | Rule ID | Legacy Rule ID | Description | Previous Action | New Action | Comments |
|---|---|---|---|---|---|---|
| Cloudflare Managed Ruleset | 933fc13202cd4e8ba498c0f32b4101ab | 100598A | Remote Code Execution – Common Bash Bypass – Beta | Log | Block | This rule is merged into the original rule “Remote Code Execution – Common Bash Bypass” (ID: f8238867ed3e4d3a9a7b731a50cec478 ) |
| Cloudflare Managed Ruleset | 185b5df42d1e44e0aeb8f8b8a1118614 | 100916A | Oracle E-Business Suite – Remote Code Execution – CVE:CVE-2025-61882 – 2 | Log | Block | This is a New Detection |
| Cloudflare Managed Ruleset | 646bccf7e9dc46918a4150d6c22b51d3 | N/A | HTTP Truncated | N/A | Disabled | This is a New Detection |
Source: Cloudflare
Latest Posts
- (Updated) Microsoft 365 Copilot: Navigation refresh in the M365 Copilot app [MC1187677]
- Microsoft 365 Copilot for Sales – Engage prospects faster with Sales Agent-enriched leads [MC1231406]
- (Updated) Migration update for Office 365 connectors retirement in Teams – webhook URL support [MC1181996]
- AWS Backup adds cross-Region database snapshot copy to logically air-gapped vaults
![(Updated) Rewrite with Microsoft 365 Copilot Chat coming soon to Edge for Business users [MC1146821]](https://mwpro.co.uk/wp-content/uploads/2025/06/pexels-olly-789822-96x96.webp "(Updated) Rewrite with Microsoft 365 Copilot Chat coming soon to Edge for Business users [MC1146821] 6")
![Configure and manage connected experiences with Edge Connected Feature Control (CFC) – Targeted Release [MC1176364]](https://mwpro.co.uk/wp-content/uploads/2024/08/pexels-agk42-2599244.bak_-150x150.webp "Configure and manage connected experiences with Edge Connected Feature Control (CFC) – Targeted Release [MC1176364] 7")