Skip to content

Historical (2023)

RulesetRule IDLegacy Rule IDDescriptionChange DateOld ActionNew Action
Cloudflare Specials…1bc977d1N/A

DotNetNuke - File Inclusion - CVE:CVE-2018-9126, CVE:CVE-2011-1892, CVE:CVE-2022-31474

2023-12-18N/ABlock
Cloudflare Specials…bb6d4e13100615Apache Struts - Remote Code Execution - CVE:CVE-2023-50164Emergency, 2023-12-14N/ABlock
Cloudflare Specials…8ed2b1d9100611

WordPress:Plugin:WooCommerce - Unauthorized Administrator Access - CVE:CVE-2023-28121

2023-11-21N/ABlock
Cloudflare Specials…c3b6a372100593

Adobe ColdFusion - Auth Bypass, Remote Code Execution - CVE:CVE-2023-29298, CVE:CVE-2023-38203, CVE:CVE-2023-26360

2023-11-21N/ABlock
Cloudflare Specials…c54e7046100614Atlassian Confluence - Code Injection - CVE:CVE-2023-22518Emergency, 2023-11-06N/ABlock
Cloudflare Specials…d59a59db100609Keycloak - SSRF - CVE:CVE-2020-107702023-10-30N/ABlock
Cloudflare Specials…3e3f706d100606

JetBrains TeamCity - Auth Bypass, Remote Code Execution - CVE:CVE-2023-42793

2023-10-23N/ABlock
Cloudflare Specials…469c4a38100607Progress WS_FTP - Information Disclosure - CVE:CVE-2023-400442023-10-23N/ABlock
Cloudflare Specials…7ccccdce100608Progress WS_FTP - Remote Code Execution - CVE:CVE-2023-400442023-10-23N/ABlock
Cloudflare Specials…ec9f34e1100604

Atlassian Confluence - Privilege Escalation - CVE:CVE-2023-22515.


Also released for Cloudflare Free customers, with rule ID …91935fcb (updated detection logic).

Emergency, 2023-10-11N/ABlock
Cloudflare Specials…ec9f34e1100604,100605

Atlassian Confluence - Privilege Escalation - CVE:CVE-2023-22515.


Also released for Cloudflare Free customers, with rule ID …91935fcb.

Emergency, 2023-10-04N/ABlock
Cloudflare Specials…34780914100532Vulnerability scanner activity2023-10-02N/ABlock
Cloudflare Specials…066c0c9a100602Code Injection - CVE:CVE-2023-36845Emergency, 2023-09-22N/ABlock
Cloudflare Specials…0746d000100603Information Disclosure - CVE:CVE-2023-28432Emergency, 2023-09-22N/ABlock
Cloudflare Specials…25ba9d7cN/ASSRF Cloud2023-09-18N/ADisabled
Cloudflare Specials…c5f041ac100597Information Disclosure - Path Normalization2023-09-04LogBlock
Cloudflare Specials…50cec478100598Remote Code Execution - Common Bash Bypass2023-09-04LogBlock
Cloudflare Specials…ec5b0d04100599Ivanti - Auth Bypass - CVE:CVE-2023-380352023-09-04LogBlock
Cloudflare Specials…6912c055100601Malware - Polymorphic Encoder2023-09-04LogBlock
Cloudflare Specials…8242627b100146BSSRF Local BETA2023-09-04LogDisabled
Cloudflare Specials…84dadf5a100595MobileIron - Auth Bypass - CVE:CVE-2023-350822023-08-21LogBlock
Cloudflare Specials…48a60154N/ASQLi - Keyword + SubExpress + Comment + BETA2023-08-21N/ADisabled
Cloudflare Specials…cac42ce2100596

Citrix Content Collaboration ShareFile - Remote Code Execution - CVE:CVE-2023-24489

Emergency, 2023-08-17N/ABlock
Cloudflare Specials…c3b6a372100593

Adobe ColdFusion - Auth Bypass, Remote Code Execution - CVE:CVE-2023-29298, CVE:CVE-2023-38203, CVE:CVE-2023-26360

2023-08-07N/ABlock
Cloudflare Specials…63d65c25100594Citrix Netscaler ADC - Remote Code Execution - CVE:CVE-2023-35192023-08-07LogBlock
Cloudflare Specials…63d65c25100594Citrix Netscaler ADC - Remote Code Execution - CVE:CVE-2023-3519Emergency, 2023-08-01N/ALog
Cloudflare Specials…777f5c34100590Fortigate VPN - Remote Code Execution - CVE:CVE-2023-279972023-07-31N/ABlock
Cloudflare Specials…0bd669ca100592Code Injection - Generic2023-07-31N/ABlock
OWASP Rules…af347fdeN/A944100: Remote Command Execution: Suspicious Java class detected2023-07-10N/ABlock
OWASP Rules…9fae472bN/A

944110: Remote Command Execution: Java process spawn (CVE-2017-9805)

2023-07-10N/ABlock
OWASP Rules…5ab75703N/A

944120: Remote Command Execution: Java serialization (CVE-2015-4852)

2023-07-10N/ABlock
OWASP Rules…73cd4e53N/A

944210: Magic bytes Detected Base64 Encoded, probable Java serialization in use

2023-07-10N/ABlock
OWASP Rules…e068f5d3N/A944300: Base64 encoded string matched suspicious keyword2023-07-10N/ABlock
Cloudflare Specials…6f9bfc13100590VMware - Remote Code Execution - CVE:CVE-2023-208872023-07-05N/ABlock
Cloudflare Specials…fb982fd6100008GSQLi - Libinject with Body Inspection2023-07-05N/ADisabled
Cloudflare Specials…7bc0259f100008NSCommand Injection - Netcat - Body2023-07-05N/ADisabled
Cloudflare Specials…8559ddfa100589File Inclusion - WEB-INF2023-06-19N/ABlock
Cloudflare Specials…269024be100587Code Injection - CVE:CVE-2019-188892023-06-19N/ABlock
Cloudflare Specials…6f9bfc13100590VMware - Remote Code Execution - CVE:CVE-2023-20887Emergency, 2023-06-14N/ABlock
Cloudflare Specials…269024be100587Code Injection - CVE:CVE-2022-235292023-06-12N/ABlock
Cloudflare Specials…3ff033f6100588MoveIT - SSRFEmergency, 2023-06-09N/ABlock
Cloudflare Specials…dae05f0a100583Sophos - Code Injection - CVE:CVE-2023-16712023-05-22N/ABlock
Cloudflare Specials…dd1b7502100584Oracle Opera - Code Injection - CVE:CVE-2023-219322023-05-22N/ADisabled
Cloudflare Specials…18585d20100582vBulletin - Code Injection - CVE:CVE-2023-251352023-05-02N/ABlock
Cloudflare Specials…49e6b538100534Webshell Activity2023-05-02N/ABlock
Cloudflare Specials…8b036974100558Malware, Web Shell2023-05-02N/ALog
Cloudflare Specials…dfc9b843100580XSS - Error handling2023-04-11N/ABlock
Cloudflare Specials…2f26b3a7100581Joomla - Information Disclosure - CVE:CVE-2023-237522023-04-11N/ABlock
Cloudflare Specials…602dabe0N/AXSS - JavaScript Events2023-04-11N/ABlock
Cloudflare SpecialsN/A100546XSS - HTML Encoding2023-04-11N/ABlock
Cloudflare Specials…a47c4be6100577Apache Spark - Remote Code Execution - CVE:CVE-2022-338912023-03-20N/ABlock
Cloudflare Specials…54d00d2f100578GLPI - Remote Code Execution - CVE:CVE-2022-359142023-03-20N/ABlock
Cloudflare Specials…fb4c6991100579GitLab - Remote Code Execution - CVE:CVE-2021-222052023-03-20N/ABlock
Cloudflare Specials…ad679b95100575ZK Framework - Information Disclosure - CVE:CVE-2022-365372023-03-13N/ABlock
Cloudflare Specials…f2cc4e84100524Java - Remote Code Execution2023-03-06N/ABlock
Cloudflare Specials…30d612c4100572Java - Remote Code Execution - URL2023-03-06N/ABlock
Cloudflare Specials…9497744a100570FortiNAC - Remote Code Execution - CVE:CVE-2022-399522023-03-06N/ABlock
Cloudflare Specials…5d38ed42100564

Oracle E-Business Suite - Remote Code Execution - CVE:CVE-2022-21587

2023-02-27N/ABlock
Cloudflare Specials…d7e78753100566Ruby on Rails - Remote Code Execution2023-02-27N/ABlock
Cloudflare Specials…72612a5b100568Cacti - Remote Code Execution - CVE:CVE-2022-461692023-02-27N/ABlock
Cloudflare Specials…a6fda143100563Template Injection2023-02-13N/ABlock
Cloudflare Specials…b090ba9a100303Command Injection - Nslookup2023-02-13N/ABlock
Cloudflare Specials…0550c529100016Version Control - Information Disclosure2023-02-13N/ABlock
Cloudflare Specials…d3cdd6ac100561Remote Code Execution - Double Extension2023-02-13N/ABlock
Cloudflare Specials…f2cc4e84100524Java - Remote Code Execution2023-02-06N/ABlock
Cloudflare Specials…1b4e622e100560Microsoft Exchange - Broken Authentication - CVE:CVE-2021-337662023-02-06N/ABlock
Cloudflare Specials…de5e2367N/AXSS - JavaScript Events2023-01-30N/ABlock
Cloudflare Specials…4c2e80c3100557Code Injection - JavaScript2023-01-30N/ABlock
Cloudflare Specials…65414846100559Prototype pollution Attack, Headers2023-01-30N/ABlock
Cloudflare OWASP…fc25d2f1fN/ARollback Cloudflare OWASP to version 3.3.3 from 3.3.42023-01-24N/AN/A
Cloudflare Specials…8b036974100558Malware, Web Shell2023-01-16N/ALog
Cloudflare SpecialsN/A100135CXSS - JavaScript Events2023-01-16N/ABlock
Cloudflare OWASP…fc25d2f1fN/AUpgrading Cloudflare OWASP to version 3.3.42023-01-16N/AN/A
Cloudflare Specials…b604fb62100551B

Microsoft Exchange SSRF and RCE vulnerability 2 - CVE:CVE-2022-41040, CVE:CVE-2022-41082

2023-01-09N/ABlock