Threat Watch

Critical Software Update for phpMyAdmin is Released

Version 4.8.4 of phpMyAdmin has been released to address three new critical vulnerabilities that could lead to a total takeover of affected servers by remote attackers. Almost all hosting services install phpMyAdmin on their control panels to help webmasters manage their website databases, WordPress and Joomla included.

The first of the three critical vulnerabilities is a local file inclusion (CVE-2018-19968) that affects versions 4.0 through 4.8.3 and could give attackers the ability to read the sensitive contents of local files through the transformation feature.

The second is a cross-site request forgery (CVE-2018-19969), which affects versions 4.7.0 to 4.7.6 and also versions 4.8.0 through 4.8.3. If it is exploited successfully, harmful SQL activity such as creating new tables and routines or renaming databases can be performed just by a victim opening a link.

Lastly, a cross-site scripting flaw (CVE-2018-19970) allows hackers to place malicious code in the dashboard using a database or table name. It affects versions 4.0 through 4.8.3.

ANALYST NOTES

Website administrators should install the update as soon as possible. Also be on the lookout for any suspicious activity coming through these services, because these vulnerabilities could already have made their way into the system.
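To decide which hosts need the update first, the version ranges listed in the advisory above can be applied to an inventory of installed phpMyAdmin versions. The following is an added example, not code from the advisory or from the phpMyAdmin project; the function names, hostnames and inventory values are constructed for illustration.

```python
import re

# Affected ranges (inclusive) exactly as listed in the advisory text.
ADVISORY_RANGES = {
    "CVE-2018-19968": [((4, 0, 0), (4, 8, 3))],  # local file inclusion
    "CVE-2018-19969": [((4, 7, 0), (4, 7, 6)),   # CSRF, two separate ranges
                       ((4, 8, 0), (4, 8, 3))],
    "CVE-2018-19970": [((4, 0, 0), (4, 8, 3))],  # cross-site scripting
}

def parse_version(text):
    """Extract (major, minor, patch) from strings like '4.8.3', '4.7',
    '4.8.0.1' or a distro package string such as '4:4.6.6-5'."""
    m = re.search(r"(\d+)\.(\d+)(?:\.(\d+))?", text)
    if not m:
        raise ValueError(f"no version number found in {text!r}")
    return tuple(int(part or 0) for part in m.groups())

def applicable_cves(version_text):
    """Return the advisory's CVE IDs whose stated range covers this version."""
    v = parse_version(version_text)
    return sorted(cve for cve, ranges in ADVISORY_RANGES.items()
                  if any(lo <= v <= hi for lo, hi in ranges))

def triage(inventory):
    """Map each host to its applicable CVEs, omitting hosts with none."""
    report = {}
    for host, version_text in inventory.items():
        try:
            cves = applicable_cves(version_text)
        except ValueError:
            cves = ["UNPARSEABLE-VERSION"]  # flag for manual review
        if cves:
            report[host] = cves
    return report

# Constructed inventory: hostnames and version strings are made up.
SAMPLE_INVENTORY = {
    "web01.example.test": "4.8.3",
    "web02.example.test": "4.7.7",
    "web03.example.test": "4:4.6.6-5",
    "web04.example.test": "4.8.4",
    "web05.example.test": "unknown",
}

if __name__ == "__main__":
    for host, cves in triage(SAMPLE_INVENTORY).items():
        print(host, ", ".join(cves))
```

Distribution packages sometimes carry backported fixes under an older version number, so treat a match as a prompt to verify the host rather than as proof that it is exploitable.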