WAF – WAF Release – Scheduled changes for 2025-09-08

Modern Workspace Pro 6 September 2025Cloudflare, WAF

Announcement Date	Release Date	Release Behavior	Legacy Rule ID	Rule ID	Description	Comments
2025-09-01	2025-09-08	Log	100007D	7c5812a31fd94996b3299f7e963d7afc	Command Injection – Common Attack Commands Args	Beta detection. This will be merged into the original rule “Command Injection – Common Attack Commands” (ID: 89557ce9b26e4d4dbf29e90c28345b9b )
2025-09-01	2025-09-08	Log	100617	cd528243d6824f7ab56182988230a75b	Next.js – SSRF – CVE:CVE-2025-57822	This is a New Detection
2025-09-01	2025-09-08	Log	100659_BETA	503b337dac5c409d8f833a6ba22dabf1	Common Payloads for Server-Side Template Injection – Beta	Beta detection. This will be merged into the original rule “Common Payloads for Server-Side Template Injection” (ID: 21c7a963e1b749e7b1753238a28a42c4 )
2025-09-01	2025-09-08	Log	100824B	6d24266148f24f5e9fa487f8b416b7ca	CrushFTP – Remote Code Execution – CVE:CVE-2025-54309 – 3	This is a New Detection
2025-09-01	2025-09-08	Log	100848	154b217c43d04f11a13aeff05db1fa6b	ScriptCase – Auth Bypass – CVE:CVE-2025-47227	This is a New Detection
2025-09-01	2025-09-08	Log	100849	cad6f1c8c6d44ef59929e6532c62d330	ScriptCase – Command Injection – CVE:CVE-2025-47228	This is a New Detection
2025-09-01	2025-09-08	Log	100872	e7464139fd3e44938b56716bef971afd	WordPress:Plugin:InfiniteWP Client – Missing Authorization – CVE:CVE-2020-8772	This is a New Detection
2025-09-01	2025-09-08	Log	100873	0181ebb2cc234f2d863412e1bab19b0b	Sar2HTML – Command Injection – CVE:CVE-2025-34030	This is a New Detection
2025-09-01	2025-09-08	Log	100875	34d5c7c7b08b40eaad5b2bb3f24c0fbe	Zhiyuan OA – Remote Code Execution – CVE:CVE-2025-34040	This is a New Detection

Source: Cloudflare

Latest Posts

(Updated) Microsoft Exchange Online: New Message Trace will be GA; legacy Message Trace will retire [MC1092458]
(Updated) Retirement of several Microsoft Planner features in early 2026 as part of a Planner update [MC1193421]
Amazon WorkSpaces Applications now supports Microsoft Windows Server 2025
Amazon RDS enhances observability for snapshot exports to Amazon S3

Pass It On

Snow Rider 3D on Amazon Cognito now supports resource indicators to simplify enhancing protection of OAuth 2.0 resources28 October 2025
Wow, this change in Cognito sounds like a game-changer for security! It's kinda wild how little things like specifying resource…
URL on Update to inline image representation in Outlook on the web and new Outlook for Windows [MC1174855]24 October 2025
... [Trackback] [...] Read More here: mwpro.co.uk/blog/2025/10/18/update-to-inline-image-representation-in-outlook-on-the-web-and-new-outlook-for-windows-mc1174855/ [...]
Mike on GCP Release Notes: October 01, 20252 October 2025
Haha, “magical shrinking sauce” is such a perfect way to describe it! The new InPlaceOrRecreate mode really does feel like…
Mike on GCP Release Notes: October 01, 20252 October 2025
Haha, love the imagery — “tiny floating islands” vs “resource-guzzling behemoths” is exactly how VPA feels sometimes! Kubernetes definitely keeps…
Mike on Upcoming Secure by Default Settings Changes for Exchange and Teams APIs [MC1163922]2 October 2025
Absolutely nailed it — this update does feel like Microsoft handing the keys back to IT admins, but with a…