By Admin on May 19, 2016

Magento Vulnerability

Breaches, Alerts & Advisories, Retail & Ecommerce

Critical vulnerability discovered in Magento eCommerce software. Has been given a 9.8/10 in terms of severity due to unauthenticated remote code execution. CVE assigned is CVE-2016-4010.

We advise all customers to apply the vendor patch if you are running Magento software on your web application(s). 

Upgrade to v2.0.6. Exploit code has been submitted to exploit-db but not yet verified.

For more information see:


Sign up to receive the latest insights

Join our cyber security community to stay up to date with the latest news, insights, threat intel and more right in your inbox.  All you have to do is choose how often.