shubs says SLCyberSec reverse engineered the Magento PolyShell pre-auth RCE and calls it actively exploited, while The Hacker News reports skimmers exploiting the PolyShell flaw at scale.
A critical Magento flaw lets attackers upload files without login and take over stores.
The issue, PolyShell, uses the REST API to upload hidden malicious files as images.
This can lead to remote code execution or stored XSS.
No fix for current versions yet.
Active exploitation alert: The PolyShell flaw in the Magento REST API allows unauthenticated RCE via malicious images.
Learn how to protect your store now.
reverse engineered the Magento PolyShell pre-auth RCE bug
this is an actively exploited vulnerability in the wild
Attacks are exploiting the PolyShell RCE flaw at scale.
reverse engineered the Magento PolyShell pre-auth RCE - actively exploited in the wild
No auth needed to land a PHP webshell.
the file persists regardless
This finding is one of many signals tracked across Cyber Security. The live feed updates every few hours with new expert voices, debates, and emerging ideas.
← Back to Cyber Security