Researchers have identified two vulnerabilities in Cloudflare’s security tools that could potentially allow threat actors to send malicious traffic or reroute it through Cloudflare’s servers. These vulnerabilities are related to Cloudflare’s Authenticated Origin Pulls and Allowlist Cloudflare IP Addresses.
Vulnerabilities in Authenticated Origin Pulls and Allowlist Cloudflare IP Addresses
- Authenticated Origin Pulls: This security tool ensures that HTTPS requests sent to an origin server come through Cloudflare rather than from a third party.
- Allowlist Cloudflare IP Addresses: This feature ensures that only traffic originating from Cloudflare’s IP addresses reaches clients’ origin servers.
Exploiting Logic Flaws in Cross-Tenant Security Controls