You can now find Cyber Kendra on Google News | Telegram

Critical Access Bypass Bug Patched on Durpal 8

If you are using Durpal CMS for site then here is an important security updates for you.

Durpal security team have just patched the critical Access Bypass vulnerability on Durpal core, that give attacker full control over your site. This Access Bypass Bug which is dubbed as CVE-2017-6919 is been affected to Durpal 8.x not to the earlier version.

A site is only affected by this if all of the following conditions are met:
  • The site has the RESTful Web Services (rest) module enabled.
  • The site allows PATCH requests.
  • An attacker can get or register a user account on the site.
As severity of the bug  is high and critical, durpal team have also release a patch for it's earlier version 8.2.x.

If you are using Durpal 8.2.X then you can update your Durpal CMS to version 8.2.8, or if you are using version 8.3.0 then update it to version 8.3.1.

So guys patch your site before it got hacked.

Post a Comment

Cookie Consent
We serve cookies on this site to analyze traffic, remember your preferences, and optimize your experience.
It seems there is something wrong with your internet connection. Please connect to the internet and start browsing again.
AdBlock Detected!
We have detected that you are using adblocking plugin in your browser.
The revenue we earn by the advertisements is used to manage this website, we request you to whitelist our website in your adblocking plugin.
Site is Blocked
Sorry! This site is not available in your country.