WAF Release - 2025-04-02
| Ruleset | Rule ID | Legacy Rule ID | Description | Previous Action | New Action | Comments |
|---|---|---|---|---|---|---|
| Cloudflare Managed Ruleset | 100732 | Sitecore - Code Injection - CVE:CVE-2025-27218 | Log | Block | This is a New Detection | |
| Cloudflare Managed Ruleset | 100733 | Angular-Base64-Upload - Remote Code Execution - CVE:CVE-2024-42640 | Log | Block | This is a New Detection | |
| Cloudflare Managed Ruleset | 100734 | Apache Camel - Remote Code Execution - CVE:CVE-2025-29891 | Log | Disabled | This is a New Detection | |
| Cloudflare Managed Ruleset | 100735 | Progress Software WhatsUp Gold - Remote Code Execution - CVE:CVE-2024-4885 | Log | Block | This is a New Detection | |
| Cloudflare Managed Ruleset | 100737 | Apache Tomcat - Remote Code Execution - CVE:CVE-2025-24813 | Log | Block | This is a New Detection | |
| Cloudflare Managed Ruleset | 100659 | Common Payloads for Server-side Template Injection | N/A | Disabled | N/A | |
| Cloudflare Managed Ruleset | 100659 | Common Payloads for Server-side Template Injection - Base64 | N/A | Disabled | N/A | |
| Cloudflare Managed Ruleset | 100642 | LDAP Injection | N/A | Disabled | N/A | |
| Cloudflare Managed Ruleset | 100642 | LDAP Injection Base64 | N/A | Disabled | N/A | |
| Cloudflare Managed Ruleset | 100005 | DotNetNuke - File Inclusion - CVE:CVE-2018-9126, CVE:CVE-2011-1892, CVE:CVE-2022-31474 | N/A | Disabled | N/A | |
| Cloudflare Managed Ruleset | 100527 | Apache Struts - CVE:CVE-2021-31805 | N/A | Block | N/A | |
| Cloudflare Managed Ruleset | 100702 | Command Injection - CVE:CVE-2022-24108 | N/A | Block | N/A | |
| Cloudflare Managed Ruleset | 100622C | Ivanti - Command Injection - CVE:CVE-2023-46805, CVE:CVE-2024-21887, CVE:CVE-2024-22024 | N/A | Block | N/A | |
| Cloudflare Managed Ruleset | 100536C | GraphQL Command Injection | N/A | Disabled | N/A | |
| Cloudflare Managed Ruleset | 100536 | GraphQL Injection | N/A | Disabled | N/A | |
| Cloudflare Managed Ruleset | 100536A | GraphQL Introspection | N/A | Disabled | N/A | |
| Cloudflare Managed Ruleset | 100536B | GraphQL SSRF | N/A | Disabled | N/A | |
| Cloudflare Managed Ruleset | 100559A | Prototype Pollution - Common Payloads | N/A | Disabled | N/A | |
| Cloudflare Managed Ruleset | 100559A | Prototype Pollution - Common Payloads - Base64 | N/A | Disabled | N/A | |
| Cloudflare Managed Ruleset | 100734 | Apache Camel - Remote Code Execution - CVE:CVE-2025-29891 | N/A | Disabled | N/A |
Was this helpful?
- Resources
- API
- New to Cloudflare?
- Products
- Sponsorships
- Open Source
- Support
- Help Center
- System Status
- Compliance
- GDPR
- Company
- cloudflare.com
- Our team
- Careers
- © 2025 Cloudflare, Inc.
- Privacy Policy
- Terms of Use
- Report Security Issues
- Trademark