Hasty Briefsbeta

Critical RCE patched in Imunify360 affects up to 50M+ websites

10 days ago
https://patchstack.com/articles/remote-code-execution-vulnerability-found-in-imunify360/
Copy Link
  • #RCE
  • #Imunify360
  • #Security
  • Critical Remote Code Execution (RCE) vulnerability patched in Imunify360 AV (AI-bolit) prior to v32.7.4.0.
  • Vulnerability allows attackers to execute arbitrary system commands or PHP code via crafted obfuscated PHP files.
  • Imunify360 serves up to 56 million websites, making this a high-impact issue.
  • Deobfuscation logic in Imunify360 executes untrusted functions, leading to RCE.
  • Default configurations enable deobfuscation, increasing exploitability.
  • CVSS score assessed as 8.1 (High severity).
  • No formal advisory or CVE issued by CloudLinux/Imunify360 at the time of reporting.
  • Proof of Concept (PoC) provided demonstrating exploitation.
  • Patch restricts execution to a whitelist of safe functions.
  • Recommended actions: immediate patching, isolation, or removal of vulnerable versions.
AboutLogin