This emergency release adds a new managed rule to block active exploitation of a critical remote code execution (RCE) and SQL injection (SQLi) vulnerability found in popular web frameworks.
Key Findings
-
Generic Frameworks – Unauthenticated RCE: Attackers can execute arbitrary system commands with web server privileges by sending malicious input containing invalid path sequences during request processing.
-
Generic Frameworks – SQLi: Attackers can execute unauthorized database queries due to a failure to sanitize input values within request parameters.
| Ruleset | Rule ID | Legacy Rule ID | Description | Previous Action | New Action | Comments |
|---|---|---|---|---|---|---|
| Cloudflare Managed Ruleset | 7dfb2bd4708d4b88b9911dc0550664b6 | N/A | Generic Rules – Unauthenticated RCE | N/A | Block | This is a new detection. |
| Cloudflare Managed Ruleset | 1c060d3a371549219ee290d7ed933fcc | N/A | Generic Rules – SQLi | N/A | Block | This is a new detection. |
| Cloudflare Free Ruleset | ebd3f2df15c74ddcbf6220c9b5ec246a | N/A | Generic Rules – Unauthenticated RCE | N/A | Block | This is a new detection. |
| Cloudflare Free Ruleset | db003b39b7774859a8d588ce33697a1a | N/A | Generic Rules – SQLi | N/A | Block | This is a new detection. |
Source: Cloudflare
Latest Posts
- Amazon SageMaker HyperPod now supports partition-level topology for Slurm orchestrated clusters

- Amazon GameLift Streams now supports IAM role credentials for stream sessions

- WAF – WAF Release – 2026-07-17 – Emergency

- MC1243549: SharePoint and OneDrive Retire One-Time Passcode and Shift External Sharing to Microsoft Entra B2B




