Cloudflare Outage Caused by React2Shell Mitigations

Cloudflare Outage Caused by React2Shell Mitigations

Posted on By CWS

Cloudflare has blamed a Friday outage on mitigations for the vital React vulnerability dubbed React2Shell.

React2Shell, formally tracked as CVE-2025-55182, is an unauthenticated distant code execution vulnerability that got here to gentle on December 3.

Given the React improvement framework’s reputation, it’s not stunning that Chinese language and different risk actors rapidly jumped on the chance to take advantage of React2Shell.

Main corporations comparable to Google Cloud, AWS, and Cloudflare instantly responded to the vulnerability. 

Cloudflare knowledgeable clients quickly after the general public disclosure of CVE-2025-55182 that net software firewall (WAF) protections had been rolled out. Nonetheless, plainly among the mitigations carried out by the online efficiency and safety firm have led to disruptions.

Cloudflare began investigating points on December 5 at 08:56 UTC. A repair was rolled out inside half an hour, however by that point outages had been reported by a number of main web companies, together with Zoom, LinkedIn, Coinbase, DoorDash, and Canva.  

In a short incident report after companies had been restored, the corporate clarified that “a change made to how Cloudflare’s Internet Utility Firewall parses requests induced Cloudflare’s community to be unavailable for a number of minutes this morning”.

“This was not an assault; the change was deployed by our crew to assist mitigate the industry-wide vulnerability disclosed this week in React Server Parts,” Cloudflare added. Commercial. Scroll to proceed studying.

That is the second vital Cloudflare outage in lower than a month. An incident that occurred in mid-November impacted main on-line companies and important organizations for a number of hours. The corporate clarified on the time that the incident was not attributable to a cyberattack.  

Associated: Aisuru Botnet Powers File DDoS Assault Peaking at 29 Tbps

Associated: European Airport Disruptions Attributable to Ransomware Assault

Associated: Two-12 months-Previous Ray AI Framework Flaw Exploited in Ongoing Marketing campaign

Security Week News Tags:, , , ,

Related Posts

Data Breach at Healthcare Services Firm Episource Impacts 5.4 Million People Data Breach at Healthcare Services Firm Episource Impacts 5.4 Million People Security Week News
Fraud Prevention Company SEON Raises Million in Series C Funding Fraud Prevention Company SEON Raises $80 Million in Series C Funding Security Week News
Watch Now: CodeSecCon – Where Software Security’s Next Chapter Unfolds (Virtual Event) Watch Now: CodeSecCon – Where Software Security’s Next Chapter Unfolds (Virtual Event) Security Week News
CISA Warns AMI BMC Vulnerability Exploited in the Wild CISA Warns AMI BMC Vulnerability Exploited in the Wild Security Week News
Citrix Patches Exploited NetScaler Zero-Day Citrix Patches Exploited NetScaler Zero-Day Security Week News
UEFI Vulnerability in Major Motherboards Enables Early-Boot Attacks UEFI Vulnerability in Major Motherboards Enables Early-Boot Attacks Security Week News