All news with #cloudlinux tag

RCE Flaw in ImunifyAV Threatens Millions of Hosted Sites

⚠️ ImunifyAV, a widely used Linux malware scanner, contains a remote code execution flaw in its AI-bolit component affecting versions prior to 32.7.4.0. The vulnerability is rooted in unsafe use of call_user_func_array during deobfuscation, which can execute attacker-supplied PHP function names when the scanner performs active unpacking. CloudLinux released fixes in late October and backported them on November 10; administrators should update to 32.7.4.0 or newer immediately to mitigate risk.