Vulnerability Description
PHPMemcachedAdmin 1.2.2 and earlier allows remote attackers to execute arbitrary PHP code via vectors related "serialized data and the last part of the concatenated filename," which creates a file in webroot.
CVSS Score
CRITICAL
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Phpmemcachedadmin Project | Phpmemcachedadmin | <= 1.2.2 |
Related Weaknesses (CWE)
References
- http://packetstormsecurity.com/files/129089/PHPMemcachedAdmin-1.2.2-Remote-Code-Third Party AdvisoryVDB Entry
- http://www.securityfocus.com/archive/1/533968/100/0/threaded
- http://www.securityfocus.com/archive/1/533980/100/0/threaded
- http://www.securityfocus.com/bid/71059Third Party AdvisoryVDB Entry
- https://exchange.xforce.ibmcloud.com/vulnerabilities/98638
- http://packetstormsecurity.com/files/129089/PHPMemcachedAdmin-1.2.2-Remote-Code-Third Party AdvisoryVDB Entry
- http://www.securityfocus.com/archive/1/533968/100/0/threaded
- http://www.securityfocus.com/archive/1/533980/100/0/threaded
- http://www.securityfocus.com/bid/71059Third Party AdvisoryVDB Entry
- https://exchange.xforce.ibmcloud.com/vulnerabilities/98638
FAQ
What is CVE-2014-8731?
CVE-2014-8731 is a vulnerability with a CVSS score of 9.8 (CRITICAL). PHPMemcachedAdmin 1.2.2 and earlier allows remote attackers to execute arbitrary PHP code via vectors related "serialized data and the last part of the concatenated filename," which creates a file in ...
How severe is CVE-2014-8731?
CVE-2014-8731 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2014-8731?
Check the references section above for vendor advisories and patch information. Affected products include: Phpmemcachedadmin Project Phpmemcachedadmin.