⚠️ Urgent! Active Attacks on MODX Revolution Sites Below Revolution 2.6.5
Subscribe: RSS
  • Jay Gilmore Reply #1, 1 month ago
    Product: MODX Revolution
    Severity: Critical
    Versions: <=2.6.4
    Vulnerability type(s): Remote Execution / File/Directory Deletion
    Report date: 2018-Jul-11
    Fixed date: 2018-Jul-12

    Description
    On July 11 we received notice that there are two critical vulnerabilities that include remote script execution and file/directory removal. These issues are critical in nature. It is possible for attackers to compromise the website or deface or delete files or directories.

    Affected Releases
    All MODX Revolution releases prior to and including 2.6.4

    Solutions
    1. Upgrade to MODX Revolution 2.6.5 or above.
    2. If you're on 2.6.4 you can replace the changed files included in the commits: here (can be manually updated on versions back to 2.3.0) and here (can be updated on versions back to 2.5.2). Please note, replacing files in other versions of MODX Revolution could lead to unintended consequences. It is always preferred to upgrade.

    Support
    If you do not know how to upgrade your site there are several support options available. You can contact the developer or builder of your site, ask for help in the MODX Forums, find a MODX Professional or get help from the MODX Services team.

    Acknowledgement
    We would like to thank Ivan Klimchuk (Alroniks) and agel_nash for bringing these issues to our attention and verifying their resolution.

    Additional Information
    For additional information, please email MODX Support. [ed. note: smashingred last edited this post 1 month ago.]
      Author of zero books. Formerly of many strange things. Pairs well with meats. Conversations are magical experiences. He's dangerous around code but a markup magician. BlogTwitterLinkedInGitHub

    This discussion is closed to further replies. Keep calm and carry on.