CWE-506
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Malware Identified

Severity:
Critical
Summary

Invicti detected a malicious file on your web server ({DetectionName}). You either uploaded an infected file by accident or an attacker was able to write arbitrary files to your web server.

Impact

Depending on the file your users' data might be at risk. It might carry out one or more of these malicious actions for example.

  • Delete, modify, or read files on your web server.
  • Steal sensitive user data such as credit card numbers or personally identifiable information.
  • Install malicious software on your users' devices, either through a browser exploit or if they download and open the malicious file.

Please refer to the Microsoft Threat Encyclopedia link in the External References section and carefully read the description in order to find out how this file may put your users at risk.

Remediation
Required Skills for Successful Exploitation
Actions To Take

It's advisable to contact an information security company with experience in malware removal. They may help or instruct you to take the following steps.

  • Immediate removal of the malicious file.
  • Find out whether additional steps need to be taken to ensure that the malicious files were completely removed from your server.
  • Where applicable, replacement of the file with a clean copy that does not contain the malicious code. You should make sure to locally scan the new file with an anti virus tool or submit it to Virus Total before you upload it.
  • They may help you to ensure that the malicious file is no longer accessible. If you use a caching server such as Varnish, Squid or Nginx, they might tell you to make sure that they don't serve a copy of the infected file from memory.
  • They will tell you to notify your users and the appropriate authorities. This may include law enforcement and data protection authorities, depending on your local laws.
Vulnerability Index

You can search and find all vulnerabilities

Select Vulnerability
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.

Featured resources

Blog

Strengthening enterprise application security: Invicti acquires Kondukto

Blog

Modern AppSec KPIs: Moving from scan counts to real risk reduction

Blog

Friends don’t let friends shift left: Shift smarter with DAST-first AppSec

Blog

Vibe talking: Dan Murphy on the promises, pitfalls, and insecurities of vibe coding

Blog

What lies ahead for CMS.

Blog

How to integrate CMS with other tools.

Blog

Improve user experience through CMS.

Blog

How CMS can benefit e-commerce.

Blog

Stay updated on CMS trends.

Blog

Tips for improving CMS performance.

Blog

Learn how to secure your CMS.

Blog

Explore the advantages of CMS.

Blog

A comprehensive guide to CMS.

Build your resistance to threats. And save hundreds of hours each month.