The Hacker News

Cloudflare Fixes ACME Validation Bug Allowing WAF Bypass to Origin Servers

Cloudflare patched an ACME HTTP-01 validation flaw that disabled WAF protections and let unauthorized requests reach origin ...

Cloudflare whacks WAF bypass bug that opened side door for attackers

Cloudflare has fixed a flaw in its web application firewall (WAF) that allowed attackers to bypass security rules and directly access origin servers, which could lead to data theft or full server ...