Logic Flaws Let Attackers Bypass Cloudflare’s Firewall and DDoS Protection


An attack method that makes use of logical flaws in cross-tenant security policies has been shown to impair the effectiveness of Cloudflare’s Firewall and DDoS prevention. The foundation of the current issue is the organization’s use of open infrastructure, which welcomes connections from all users.

This discovery has raised concerns about potential flaws that could harm the clients of the security firm.The assault is disturbingly simple to launch because all the hackers need to do is sign up for a free Cloudflare account. Attackers need to know the IP address of a targeted web server, though, in order to take use of these vulnerabilities.

Read More…