A remote code execution (RCE) vulnerability affecting Imunify360 AV has been identified, impacting approximately 56 million websites. This critical flaw, which runs with root privileges, enables attackers to execute arbitrary commands and take full control of hosting servers. New research from Patchstack revealed that Imunify360 AV’s deobfuscation logic could be manipulated to execute harmful PHP functions. Vulnerable systems remain at risk during scans, particularly in shared hosting, where a single compromised site can lead to broader attacks against multiple servers.
A patch was released by CloudLinux on October 21, 2025, yet a formal CVE assignment or security advisory has not been issued. The vulnerability was documented on their Zendesk support page on November 4, 2025, despite prior knowledge of exploitation details. Hosting companies are urged to upgrade to Imunify360 AV version 32.7.4.0 or newer immediately and conduct forensic checks to ensure their servers have not been compromised. The situation highlights the need for ongoing vigilance among hosting providers to protect their clients’ environments.
👉 Pročitaj original: Cyber Security News
