Imunify360 Vulnerability Could Expose Millions of Sites to Hacking
securityweek
Imunify360 website security products are affected by a serious vulnerability that could expose millions of sites to hacking.
Imunify360 is designed for Linux-based web hosting environments. According to October 2024 data from the vendor, Imunify360 had been used to protect 56 million sites.
According to website security company Patchstack, the Imunify360 antivirus is impacted by a flaw that can be exploited to execute arbitrary code and possibly fully compromise the hosting environment. An attacker can use a specially crafted file that triggers the vulnerability when the product scans it.
The vulnerability was recently patched, but Imunify360 developer Cloud Linux Software has not assigned a CVE identifier.
In an advisory published on November 4, Cloud Linux Software informed customers that the Ai-Bolit malware scanner used in Imunify360, ImunifyAV+, and ImunifyAV is impacted by a “critical security vulnerability”. A patch has been available since October 21.
Patchstack reported that information about the ...
Copyright of this story solely belongs to securityweek . To see the full text click HERE