Serious Vulnerability Found in Imunify360 Web Server Security Product

10
Serious Vulnerability Found in Imunify360 Web Server Security Product

Researchers at the Cisco’s Talos division have found that Imunify360 is highly vulnerable and can be used by a remote attacker to extract incorrect code from the server using a specially designed file.

The bug, which is tracked as CVE-2021-21956 and defined as a deserialization problem, exists in the Ai-Bolit malware scanner section.

Risk was reported to the seller in early October and highlighted in the same month with the AI-Bolit update released to customers via Imunify360 5.11.3. The seller released the blog post at that time to notify customers of the matter.

Read More: Securityweek

For more such updates follow us on Google News ITsecuritywire News