
Multiple Critical Vulnerabilities in Magento

Advisory No: TZCERT/SA/2024/05/17-2

Date of First Release: 17th May 2024

Source: GitHub

Software Affected: Magento Commerce, Magento Open Source

Overview:

Magento applications are affected by multiple critical vulnerabilities. An attacker can leverage these vulnerabilities to execute code remotely.

Description:

Magento Commerce and Magento Open Source are affected by critical vulnerabilities. Affected systems include those using sendmail as the mail transport agent and those with specific, non-default configuration settings. Remote attackers can exploit the vulnerabilities to execute code remotely in the Magento admin panel.

Impact:

Successful exploitation of these vulnerabilities may allow an attacker to take control of the affected system.

Solution:

Magento has released security patches for these vulnerabilities. Users and administrators are encouraged to apply the necessary updates.

References:

  1. https://github.com/advisories/GHSA-prpf-cj87-hwvr
  2. https://github.com/advisories/GHSA-5gmh-85x8-5cx7
  3. https://github.com/advisories/GHSA-cv25-3pxr-4q7x
  4. https://github.com/advisories/GHSA-26hq-7286-mg8f
