This week's release introduces new detections for a critical authentication bypass vulnerability in Fortinet products (CVE-2025-59718), alongside three new generic detection rules designed to identify and block HTTP Parameter Pollution attempts. Additionally, this release includes targeted protection for a high-impact unrestricted file upload vulnerability in Magento and Adobe Commerce. Key Findings
CVE-2025-59718: An improper cryptographic signature verification vulnerability in Fortinet FortiOS, FortiProxy, and FortiSwitchManager. This may allow an unauthenticated attacker to bypass the FortiCloud SSO login authentication using a maliciously crafted SAML message, if that feature is enabled on the device.
Magento 2 - Unrestricted File Upload: A critical flaw in Magento and Adobe Commerce allows unauthenticated attackers to bypass security checks and upload malicious files to the server, potentially leading to Remote Code Execution (RCE).
Impact Successful exploitation of the Fortinet and Magento vulnerabilities could allow unauthenticated attackers to gain administrative control or deploy webshells, leading to complete server compromise and data theft. RulesetRule IDLegacy Rule IDDescriptionPrevious ActionNew ActionCommentsCloudflare Managed Ruleset4f7d513cea424c2a853881982f7f95e9 N/AGeneric Rules - Parameter Pollution - BodyLogDisabledThis is a new detection.Cloudflare Managed Ruleset60d023f3be414d379428add3319731a4 N/A Generic Rules - Parameter Pollution - Header - Form Log Disabled This is a new detection.Cloudflare Managed Ruleset2dde02d792ad41ec8fd65c2bdef262dd N/A Generic Rules - Parameter Pollution - URI Log Disabled This is a new detection.Cloudflare Managed Rulesetab8a96ed13034d56a81a79e570a36147 N/AMagento 2 - Unrestricted file uploadLogBlockThis is a new detection.Cloudflare Managed Ruleset0a13a38dd81c44688950444e2ffcca9f N/AFortinet FortiCloud SSO - Authentication Bypass - CVE:CVE-2025-59718LogBlockThis is a new detection.
Fetched April 4, 2026