Jump to content


Photo

Joomla Zero Day Exploit


  • This topic is locked This topic is locked
No replies to this topic

#1 TCH-Blog

TCH-Blog

    Distant Family

  • Staff
  • PipPipPip
  • 119 posts

Posted 15 December 2015 - 09:56 PM

The Joomla security team has fixed a highly critical zero-day bug, which allows an attacker to take full control of an affected site’s administration area.

The vulnerability affects Joomla versions 1.5 to 3.4.5, it involves an object injection vulnerability via the HTTP user agent that leads to a full remote command execution.

You can determine your Joomla version by logging into your administrator area, the version will be displayed either in the top right hand corner or at the bottom of your administrator panel.

This is a serious vulnerability that can be easily exploited and is already in the wild. If you are using Joomla, it is essential that you upgrade to the latest version

For EOL versions a patch has been provided which can be found at the link below, however we strongly recommend clients upgrade to the latest version as soon as possible.

Joomla EOL patches for  CVE-2015-8562


 

View the full article

 

 

 

Discuss in Forums






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users