• Reflect RFI Exploit

  • rthrash Reply #1, 3 years, 2 months ago

    It has come to our attention that it's possible to compromise some sites with specific server configurations via the reference copy of the Reflect snippet installed by default at /assets/snippets/reflect/snippet.reflect.php

    A temporary solution is to simply rename this file with a .txt extension in your website. We are working on confirming a permanent solution and will update this post as soon as possible with more details.

    For more information see the Secunia advisory and the discussion on our forums.




  • rthrash Reply #2, 3 years, 2 months ago

    The permanent solution is in fact to simply rename the reference snippet with a .txt extension or to remove them completely. They were included as a reference, and they have been removed from the current download distribution on the site.
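
Added example, not part of the forum posts or the project's own code: a POSIX shell function that applies the rename described in the replies above to one or more site roots without overwriting anything. The function name, its exit codes, and the choice to replace the .php extension with .txt (rather than append .txt) are assumptions of this example.

```shell
#!/bin/sh
# Relative path of the reference snippet, as given in the first reply.
REFLECT_REL="assets/snippets/reflect/snippet.reflect.php"

# neutralise_reflect SITE_ROOT   (hypothetical helper name)
# Prints one status line and returns:
#   0  file renamed to .txt
#   1  file not present, nothing to do
#   2  a .txt copy already exists; the .php file is left for manual review
#   3  rename failed (permissions, read-only filesystem, ...)
neutralise_reflect() {
    root=${1%/}                      # tolerate a trailing slash
    src="$root/$REFLECT_REL"
    dst="${src%.php}.txt"            # replace the extension so no ".php" stays in the name

    if [ ! -e "$src" ]; then
        echo "absent:  $src"
        return 1
    fi
    if [ -e "$dst" ]; then
        # Never clobber an existing file; flag the still-present .php instead.
        echo "REVIEW:  $dst already exists, $src left in place"
        return 2
    fi
    mv -- "$src" "$dst" || return 3
    echo "renamed: $src -> $dst"
    return 0
}

# Usage: sh script.sh /var/www/site1 /var/www/site2 ...
for site in "$@"; do
    neutralise_reflect "$site" || true
done
```

A result of REVIEW means the .php file is still present under that site root and needs to be renamed or removed by hand.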