Cloudflare Zero-Day Vulnerability: Global Access to Any Host via ACME Service

The post describes a zero-day vulnerability affecting Cloudflare, allowing an attacker to access any host globally through the ACME (Automatic Certificate Management Environment) service. The exploitation relies on a flaw in DNS and HTTP request validation, bypassing security restrictions. The researcher details the method used to reproduce the attack and the necessary conditions. Cloudflare has patched the issue following the report.