|
|
|||
| Rule General Information |
|---|
| Release Date: | 2024-04-23 | |
| Rule Name: | CE Phoenix v1.0.8.20 Remote Code Execution Vulnerability (CVE-2024-25415) | |
| Severity: | ||
| CVE ID: | ||
| Rule Protection Details |
|---|
| Description: | CE Phoenix is an open-source e-commerce platform based on osCommerce Online Merchant, aimed at providing more modern, secure, and reliable e-commerce solutions. There is a remote code execution vulnerability in version 1.0.8.20, which allows attackers to remotely execute malicious code, gain system privileges, steal sensitive information, or compromise the system. | |
| Impact: | An attacker can execute arbitrary code via a successful exploit in the context of the vulnerable software. | |
| Affected OS: | Windows, Linux, Others | |
| Reference: | https://github.com/capture0x/Phoenix https://packetstormsecurity.com/files/175913/CE-Phoenix-1.0.8.20-Remote-Command-Execution.html https://vulners.com/zdt/1337DAY-ID-39172 https://cxsecurity.com/cveshow/CVE-2024-25415/ |
|
| Solutions |
|---|
| Please contact the software vendor to update the software patch. |