By Admin on May 19, 2016

Magento Vulnerability

Breaches, Alerts & Advisories, Retail & Ecommerce

Critical vulnerability discovered in Magento eCommerce software. Has been given a 9.8/10 in terms of severity due to unauthenticated remote code execution. CVE assigned is CVE-2016-4010.

We advise all customers to apply the vendor patch if you are running Magento software on your web application(s). 

Upgrade to v2.0.6. Exploit code has been submitted to exploit-db but not yet verified.

For more information see: