WAF – WAF Release – 2025-09-29

WAF – WAF Release – 2025-09-29

This week highlights four important vendor- and component-specific issues: an authentication bypass in SimpleHelp (CVE-2024-57727), an information-disclosure flaw in Flowise Cloud (CVE-2025-58434), an SSRF in the WordPress plugin Ditty (CVE-2025-8085), and a directory-traversal bug in Vite (CVE-2025-30208). These are paired with improvements to our generic detection coverage (SQLi, SSRF) to raise the baseline and reduce noisy gaps.

Key Findings

  • SimpleHelp (CVE-2024-57727): Authentication bypass in SimpleHelp that can allow unauthorized access to management interfaces or sessions.

  • Flowise Cloud (CVE-2025-58434): Information-disclosure vulnerability in Flowise Cloud that may expose sensitive configuration or user data to unauthenticated or low-privileged actors.

  • WordPress:Plugin: Ditty (CVE-2025-8085): SSRF in the Ditty WordPress plugin enabling server-side requests that could reach internal services or cloud metadata endpoints.

  • Vite (CVE-2025-30208): Directory-traversal vulnerability in Vite allowing access to filesystem paths outside the intended web root.

Impact

These vulnerabilities allow attackers to gain access, escalate privileges, or execute actions that were previously unavailable:

  • SimpleHelp (CVE-2024-57727): An authentication bypass that can let unauthenticated attackers access management interfaces or hijack sessions — enabling lateral movement, credential theft, or privilege escalation within affected environments.

  • Flowise Cloud (CVE-2025-58434): Information-disclosure flaw that can expose sensitive configuration, tokens, or user data; leaked secrets may be chained into account takeover or privileged access to backend services.

  • WordPress:Plugin: Ditty (CVE-2025-8085): SSRF that enables server-side requests to internal services or cloud metadata endpoints, potentially allowing attackers to retrieve credentials or reach otherwise inaccessible infrastructure, leading to privilege escalation or cloud resource compromise.

  • Vite (CVE-2025-30208): Directory-traversal vulnerability that can expose filesystem contents outside the web root (configuration files, keys, source code), which attackers can use to escalate privileges or further compromise systems.

RulesetRule IDLegacy Rule IDDescriptionPrevious ActionNew ActionComments
Cloudflare Managed Ruleset6fe90532af50427484a5275c8c2e30fb 100717SimpleHelp – Auth Bypass – CVE:CVE-2024-57727LogBlockThis rule is merged to 100717 in legacy WAF and 498fcd81a62a4b5ca943e2de958094d3 in new WAF
Cloudflare Managed Ruleset013ef5de3f074fd5a43cdd70d58b886b 100775Flowise Cloud – Information Disclosure – CVE:CVE-2025-58434LogBlockThis is a New Detection
Cloudflare Managed Ruleset68fc5c086ccb4b40a35a63b19bce1ff4 100881WordPress:Plugin:Ditty – SSRF – CVE:CVE-2025-8085LogBlockThis is a New Detection
Cloudflare Managed Ruleset9e1a56e6b3bc49b187bf6e35ddc329dd 100887Vite – Directory Traversal – CVE:CVE-2025-30208LogBlockThis is a New Detection

Source: Cloudflare



Latest Posts

Pass It On
Leave a Comment

Comments

No comments yet. Why don’t you start the discussion?

Leave a Reply

Your email address will not be published. Required fields are marked *