Jump to content

Joomla Zero Day Exploit


TCH-Blog

Recommended Posts

The Joomla security team has fixed a highly critical zero-day bug, which allows an attacker to take full control of an affected site’s administration area.

The vulnerability affects Joomla versions 1.5 to 3.4.5, it involves an object injection vulnerability via the HTTP user agent that leads to a full remote command execution.

You can determine your Joomla version by logging into your administrator area, the version will be displayed either in the top right hand corner or at the bottom of your administrator panel.

This is a serious vulnerability that can be easily exploited and is already in the wild. If you are using Joomla, it is essential that you upgrade to the latest version

For EOL versions a patch has been provided which can be found at the link below, however we strongly recommend clients upgrade to the latest version as soon as possible.

Joomla EOL patches for CVE-2015-8562

 

View the full article

 

 

 

Discuss in Forums

Link to comment
Share on other sites

Guest
This topic is now closed to further replies.
×
×
  • Create New...