Unrated severityNVD Advisory· Published Nov 5, 2019· Updated Aug 4, 2024

CVE-2019-8125

Description

A remote code execution vulnerability exists in Magento 1 prior to 1.9.x and 1.14.x. An authenticated admin user can modify configuration parameters via crafted support configuration. The modification can lead to remote code execution.

Affected products

Adobe Systems Incorporated/Magento 1v5
Range: Magento Open Source prior to 1.9.4.3, and Magento Commerce prior to 1.14.4.3.

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

magento.com/security/patches/supee-11219mitrex_refsource_MISC

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000