You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Description:
Adobe Commerce versions 2.4.6-p3, 2.4.5-p5, 2.4.4-p6 and earlier are affected by an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability that could lead in arbitrary code execution by an attacker. Exploitation of this issue does not require user interaction.
Versions:
2.4.6-p3, 2.4.5-p5, 2.4.4-p6 and earlier
Thanks.
The text was updated successfully, but these errors were encountered:
For now we are not interested in that vulnerability.
As always, thank you for willing to contribute! Feel free to open new issues for other ideas that you might have.
Hi there.
I would like to start implementing a plugin to detect Adobe Commerce RCE, CVE-2024-20720.
Reference:
https://nvd.nist.gov/vuln/detail/CVE-2024-20720
https://helpx.adobe.com/security/products/magento/apsb24-03.html
Description:
Adobe Commerce versions 2.4.6-p3, 2.4.5-p5, 2.4.4-p6 and earlier are affected by an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability that could lead in arbitrary code execution by an attacker. Exploitation of this issue does not require user interaction.
Versions:
2.4.6-p3, 2.4.5-p5, 2.4.4-p6 and earlier
Thanks.
The text was updated successfully, but these errors were encountered: