Imunify360 Bug Leaves Linux Web Servers Open to Code Execution,Takeover

silversurfer

Level 85
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Malware Hunter
Well-known
Aug 17, 2014
10,057
A high-severity security vulnerability in CloudLinux’s Imunify360 cybersecurity platform could lead to arbitrary code execution and web-server takeover, according to researchers.

Imunify360 is a security platform for Linux-based web servers that allows users to configure various settings for real-time website protection and web-server security. It offers an advanced firewall, intrusion detection and prevention, antivirus and antimalware scanning, automatic kernel patch updates, and a web-host panel integration for managing it all.

According to researchers at Cisco Talos, the bug (CVE-2021-21956) specifically resides in the Ai-Bolit scanning functionality of the Imunift360, which allows webmasters and site administrators to search for viruses, vulnerabilities and malware code. The bug, which rates 8.2 out of 10 on the CVSSv3.0 vulnerability-severity scale, can lead to a deserialization condition with controllable data that would allow an attacker to then execute arbitrary code.

“A PHP unserialize vulnerability exists in the Ai-Bolit functionality of CloudLinux Inc Imunify360 5.8 and 5.9,” according to a posting from the firm, issued on Monday.
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top