edit-icon download-icon

[Vulnerability notice] Memcached SSRF getshell vulnerability in Discuz!

Last Updated: Apr 18, 2018

Vulnerability description

Discuz! has the SSRF vulnerability. When Memcached is configured, attackers can use SSRF to write malicious Webshell code to the disk over Memcached, causing database leakage.

How to fix

We recommend that you escape and filter all input data from external machines. For example, you can disable the preg_replace /e code of related vulnerability files.

Thank you! We've received your feedback.