Categories: Security

Magento web e-commerce critical RCE (remote code execution) vulnerability .

Table of Contents

Toggle

A patch to address the flaws was released on February 9, 2015 (SUPEE-5344 available here). Store owners and administrators are urged to apply the patch immediately if they haven’t done so already.

RECOMMENDED ACTIONS:

1. Check for unknown files in the web server document root directory. If you find any, you may be impacted.

2. Download and implement 2 patches from the Magento Community Edition download page.

SUPEE-5344 – Addresses a potential remote code execution exploit (Added Feb 9, 2015)
SUPEE-1533 – Addresses two potential remote code execution exploits (Added Oct 3, 2014)

3. Implement and test the patches in a development environment first to confirm that they work as expected before deploying them to your production site.

Note: Different versions of the patch are available for Magento Community Edition 1.4.x through 1.9.x.

HOW TO DOWNLOAD?

You can access Magento’s Community Edition download page from here. Find “Magento Community Edition Patches” section and download the right security patch.

HR-ADMIN

You May Also Like

Remove index.php from url in magento

How to remove index.php from url in magento Ans : If you want to access your magento URL without index.php for example: http://domain.com/index.php/category to http://domain.com/category then use the following steps 1) Login to admin section by using the URL http://domain.com/index.php/admin 2) then go to “System >> Configuration >>Web >> Search…

What is Magento Hosting? Know More – Hostripples

Fixing Magento Cache Problem in Simple Steps

Tags: Magento bugMagento RCE vulnerabilityMagento remote code execution

11 years ago

Next Wordpress : Fatal Error with Cannot redeclare get_avatar url() »

Previous « How to Enable TUN/TAP Module in OpenVZ ?

Leave a Comment

Recent Posts

Cloud Hosting

Why You Should Move Your Website to Cloud Hosting?

Introduction to Cloud Hosting In today's digital world, website performance can make or break an online business. Whether you run…

2 weeks ago

Hostripples Featured

What is a Call to Action in Marketing? Definition + Examples

In the world of digital marketing, getting attention is only half the battle. The real goal is to convince people…

4 weeks ago

Web Hosting

Website Bandwidth: What it is and Why it Matters?

Introduction In today's digital world, understanding website bandwidth is essential for anyone running a website. Whether you own a blog,…

1 month ago

Hostripples Featured

Will AI Replace Developers in the Future?

Artificial intelligence is changing the tech world at lightning speed. From automated chatbots to AI-generated applications, many people are now…

1 month ago

How To

What is Bot Traffic? Easy Ways to Detect and Block It

Introduction to Bot Traffic Bot traffic refers to visits to a website that come from automated software programs rather than…

2 months ago