Remote Code Execution in Yii 2.x via Redis Extension (CVE-2018-7269 variant)

CVE-2018-8073 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

Yii 2.x before 2.0.15 allows remote attackers to execute arbitrary LUA code via a variant of the CVE-2018-7269 attack in conjunction with the Redis extension.

Learn more about our Web Application Penetration Testing UK.