Joomla Core 1.5.0 - 3.4.5 Remote Code Execution (CVE-2015-8562)

December 15, 2015

Summary

A remote code execution vulnerability has been discovered in Joomla versions 1.5.0 through 3.4.5. The exploit was discovered in use on the Internet. [1]

Patches are available from Joomla for both the supported version 3.4 [2] and versions 1.5.X and 2.5.X, which had previously reached End of Life status. [3]

Impact

Attackers can execute arbitrary code remotely by exploiting this vulnerability.

Vulnerable

  • Joomla! CMS versions 1.5.0 through 3.4.5

Recommendations

  • Upgrade to patched Joomla 3.4.6 immediately [2]
  • If using an older Joomla version (2.5.x or 1.5.x), apply the appropriate emergency hot fix provided by Joomla [3] until you can
    upgrade to a supported version.
  • Search through the system logs for the IP addresses and User-Agent strings noted in the Sucuri article [1]
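
One way to carry out the log search in the last recommendation, as an added example that is not part of the original advisory. The indicator values and sample log lines are constructed placeholders; substitute the IP addresses and User-Agent strings from reference [1]. It assumes the web server writes the common "combined" access-log format.

```python
import re
from ipaddress import ip_address

# Placeholder indicators (constructed, NOT real IoCs). Replace them with the
# IP addresses and User-Agent strings listed in reference [1].
INDICATOR_IPS = {"192.0.2.10", "203.0.113.77"}
INDICATOR_UA_SUBSTRINGS = ["PLACEHOLDER-UA-MARKER"]

# "combined" access-log format. Apache writes an embedded quote as \" so the
# quoted fields must allow backslash escapes or such lines are silently missed.
QUOTED = r'(?:[^"\\]|\\.)*'
COMBINED = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<request>' + QUOTED +
    r')" (?P<status>\d{3}) \S+ "(?P<referer>' + QUOTED +
    r')" "(?P<ua>' + QUOTED + r')"'
)

def scan(lines, ips=INDICATOR_IPS, ua_substrings=INDICATOR_UA_SUBSTRINGS):
    """Return (hits, unparsed_line_numbers) for an iterable of log lines."""
    ip_set = {ip_address(i) for i in ips}
    needles = [s.lower() for s in ua_substrings]
    hits, unparsed = [], []
    for n, line in enumerate(lines, 1):
        m = COMBINED.match(line)
        if not m:
            unparsed.append(n)  # report for manual review, do not drop
            continue
        reasons = []
        try:
            if ip_address(m["ip"]) in ip_set:  # normalises IPv6 spellings
                reasons.append("ip")
        except ValueError:
            pass  # client field holds a hostname, not an address
        if any(s in m["ua"].lower() for s in needles):
            reasons.append("user-agent")
        if reasons:
            hits.append({"line": n, "reasons": reasons, "ip": m["ip"],
                         "ts": m["ts"], "request": m["request"], "ua": m["ua"]})
    return hits, unparsed

# Constructed sample lines, not taken from any real server.
SAMPLE_LOG = [
    r'198.51.100.5 - - [14/Dec/2015:10:01:02 +0000] "GET / HTTP/1.1" 200 512 "-" "Mozilla/5.0"',
    r'192.0.2.10 - - [14/Dec/2015:10:02:11 +0000] "GET / HTTP/1.1" 200 512 "-" "Mozilla/5.0"',
    r'198.51.100.9 - - [14/Dec/2015:10:03:40 +0000] "GET / HTTP/1.1" 200 512 "-" "x \"q\" placeholder-ua-marker"',
    r'truncated line without the expected fields',
]
```

Pass an open log file to scan() in place of SAMPLE_LOG, and review the unparsed line numbers by hand, since malformed entries can hide a request.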

References