{"id":8235,"date":"2025-11-17T21:22:45","date_gmt":"2025-11-18T01:22:45","guid":{"rendered":"https:\/\/hostingdiscussion.com\/news\/?p=8235"},"modified":"2025-11-17T21:22:45","modified_gmt":"2025-11-18T01:22:45","slug":"critical-imunify360-av-flaw-sparks-concerns-as-researchers-warn-of-server-takeover-risks","status":"publish","type":"post","link":"https:\/\/hostingdiscussion.com\/news\/critical-imunify360-av-flaw-sparks-concerns-as-researchers-warn-of-server-takeover-risks\/","title":{"rendered":"Critical Imunify360 AV flaw sparks concerns as researchers warn of server takeover risks"},"content":{"rendered":"<p data-start=\"485\" data-end=\"1041\">A newly uncovered security flaw inside <a href=\"https:\/\/imunify360.com\/imunifyav\/\" target=\"_blank\" rel=\"noopener noreferrer nofollow\">Imunify360 AV<\/a> has raised serious concerns among hosting providers, after researchers revealed that attackers can use the vulnerability to seize full control of a server. Patchstack, the firm that investigated the issue, said the flaw affects both the file scanner and the database scanner within the AI-Bolit engine, which protects more than 56 million websites. The discovery drew attention not only because it is severe but also because it shows how the scanner\u2019s own design can work against the systems it is supposed to protect.<\/p>\n<p data-start=\"1043\" data-end=\"1500\"><a href=\"https:\/\/patchstack.com\/\" target=\"_blank\" rel=\"noopener noreferrer nofollow\">Patchstack<\/a> described the issue plainly, noting that attackers can embed crafted PHP code that the scanner interprets as legitimate data. One researcher explained that \u201cthe deobfuscator will execute extracted functions on attacker controlled data,\u201d which opens the door to remote command execution. Because the scanner often runs with elevated privileges, the impact can escalate quickly, and in certain hosting setups, it can lead to a full server takeover.<\/p>\n<p data-start=\"1502\" data-end=\"2008\">The situation grows more troubling because the same flaw impacts two different components of <a href=\"https:\/\/hostingdiscussion.com\/news\/imunify-brings-web-security-front-center-with-new-wordpress-plugin-integration\/\">Imunify360<\/a> AV. Patchstack confirmed that the database scanner is vulnerable just like the file scanner. That second path lowers the barrier for attackers, since many shared hosting environments allow users or site visitors to write data to a database through comments, contact forms, or logs. A simple database entry can become a trigger point for malicious code that the scanner eventually processes.<\/p>\n<p data-start=\"2010\" data-end=\"2468\">Another point adding pressure is the lack of a public statement from the vendor. <a href=\"https:\/\/hostingdiscussion.com\/news\/patchstack-case-study-exposes-gaps-in-wordpress-security-where-hosting-defenses-fall-short\/\">Patchstack<\/a> said they learned about the vulnerability in late October and notified customers soon after. Despite that, the vendor has not assigned a CVE identifier or issued a formal advisory, even though they listed the issue on their Zendesk page earlier in November. Patchstack estimated the CVSS score at 9.9, placing it among the highest severity levels.<\/p>\n<p data-start=\"2470\" data-end=\"2827\">Patchstack urges administrators to apply the latest patch immediately or restrict the scanner\u2019s privileges if they cannot install updates right away. The company also encourages hosting providers to contact <a href=\"https:\/\/cloudlinux.com\/\" target=\"_blank\" rel=\"noopener noreferrer nofollow\">CloudLinux<\/a> and Imunify360 directly to confirm any exposure and decide what steps they must take to reduce further risk.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>A newly uncovered security flaw inside Imunify360 AV has raised serious concerns among hosting providers, after researchers revealed that attackers can use the vulnerability to seize full control of a server. Patchstack, the firm that investigated the issue, said the flaw affects both the file scanner and the database scanner within the AI-Bolit engine, which [&hellip;]<\/p>\n","protected":false},"author":20624,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[71],"tags":[4955,4953,4957,4954,4956,206],"class_list":["post-8235","post","type-post","status-publish","format-standard","hentry","category-featured","tag-hosting-security-risk","tag-imunify360-av","tag-malware-scanner-flaw","tag-patchstack-advisory","tag-server-takeover-threat","tag-web-hosting"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v23.2 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Critical Imunify360 AV flaw sparks concerns as researchers warn of server takeover risks - Web Hosting News<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/hostingdiscussion.com\/news\/critical-imunify360-av-flaw-sparks-concerns-as-researchers-warn-of-server-takeover-risks\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Critical Imunify360 AV flaw sparks concerns as researchers warn of server takeover risks - Web Hosting News\" \/>\n<meta property=\"og:description\" content=\"A newly uncovered security flaw inside Imunify360 AV has raised serious concerns among hosting providers, after researchers revealed that attackers can use the vulnerability to seize full control of a server. Patchstack, the firm that investigated the issue, said the flaw affects both the file scanner and the database scanner within the AI-Bolit engine, which [&hellip;]\" \/>\n<meta property=\"og:url\" content=\"https:\/\/hostingdiscussion.com\/news\/critical-imunify360-av-flaw-sparks-concerns-as-researchers-warn-of-server-takeover-risks\/\" \/>\n<meta property=\"og:site_name\" content=\"Web Hosting News\" \/>\n<meta property=\"article:published_time\" content=\"2025-11-18T01:22:45+00:00\" \/>\n<meta name=\"author\" content=\"Justine Juyad\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Justine Juyad\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"2 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/hostingdiscussion.com\/news\/critical-imunify360-av-flaw-sparks-concerns-as-researchers-warn-of-server-takeover-risks\/\",\"url\":\"https:\/\/hostingdiscussion.com\/news\/critical-imunify360-av-flaw-sparks-concerns-as-researchers-warn-of-server-takeover-risks\/\",\"name\":\"Critical Imunify360 AV flaw sparks concerns as researchers warn of server takeover risks - Web Hosting News\",\"isPartOf\":{\"@id\":\"https:\/\/hostingdiscussion.com\/news\/#website\"},\"datePublished\":\"2025-11-18T01:22:45+00:00\",\"dateModified\":\"2025-11-18T01:22:45+00:00\",\"author\":{\"@id\":\"https:\/\/hostingdiscussion.com\/news\/#\/schema\/person\/3a1732732b90f8c57c2a0ec68d3c49e3\"},\"breadcrumb\":{\"@id\":\"https:\/\/hostingdiscussion.com\/news\/critical-imunify360-av-flaw-sparks-concerns-as-researchers-warn-of-server-takeover-risks\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/hostingdiscussion.com\/news\/critical-imunify360-av-flaw-sparks-concerns-as-researchers-warn-of-server-takeover-risks\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/hostingdiscussion.com\/news\/critical-imunify360-av-flaw-sparks-concerns-as-researchers-warn-of-server-takeover-risks\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/hostingdiscussion.com\/news\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Critical Imunify360 AV flaw sparks concerns as researchers warn of server takeover risks\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/hostingdiscussion.com\/news\/#website\",\"url\":\"https:\/\/hostingdiscussion.com\/news\/\",\"name\":\"Web Hosting News\",\"description\":\"Cloud and web hosting industry daily news\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/hostingdiscussion.com\/news\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/hostingdiscussion.com\/news\/#\/schema\/person\/3a1732732b90f8c57c2a0ec68d3c49e3\",\"name\":\"Justine Juyad\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/hostingdiscussion.com\/news\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/96df33d01870f85226adf8492251fbefe00bc349b10bb7679b094f3fa086999c?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/96df33d01870f85226adf8492251fbefe00bc349b10bb7679b094f3fa086999c?s=96&d=mm&r=g\",\"caption\":\"Justine Juyad\"},\"description\":\"HostingDiscussion.com senior reporter\",\"sameAs\":[\"https:\/\/hostingdiscussion.com\/news\/\"],\"url\":\"https:\/\/hostingdiscussion.com\/news\/author\/justine-juyad\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Critical Imunify360 AV flaw sparks concerns as researchers warn of server takeover risks - Web Hosting News","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/hostingdiscussion.com\/news\/critical-imunify360-av-flaw-sparks-concerns-as-researchers-warn-of-server-takeover-risks\/","og_locale":"en_US","og_type":"article","og_title":"Critical Imunify360 AV flaw sparks concerns as researchers warn of server takeover risks - Web Hosting News","og_description":"A newly uncovered security flaw inside Imunify360 AV has raised serious concerns among hosting providers, after researchers revealed that attackers can use the vulnerability to seize full control of a server. Patchstack, the firm that investigated the issue, said the flaw affects both the file scanner and the database scanner within the AI-Bolit engine, which [&hellip;]","og_url":"https:\/\/hostingdiscussion.com\/news\/critical-imunify360-av-flaw-sparks-concerns-as-researchers-warn-of-server-takeover-risks\/","og_site_name":"Web Hosting News","article_published_time":"2025-11-18T01:22:45+00:00","author":"Justine Juyad","twitter_card":"summary_large_image","twitter_misc":{"Written by":"Justine Juyad","Est. reading time":"2 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/hostingdiscussion.com\/news\/critical-imunify360-av-flaw-sparks-concerns-as-researchers-warn-of-server-takeover-risks\/","url":"https:\/\/hostingdiscussion.com\/news\/critical-imunify360-av-flaw-sparks-concerns-as-researchers-warn-of-server-takeover-risks\/","name":"Critical Imunify360 AV flaw sparks concerns as researchers warn of server takeover risks - Web Hosting News","isPartOf":{"@id":"https:\/\/hostingdiscussion.com\/news\/#website"},"datePublished":"2025-11-18T01:22:45+00:00","dateModified":"2025-11-18T01:22:45+00:00","author":{"@id":"https:\/\/hostingdiscussion.com\/news\/#\/schema\/person\/3a1732732b90f8c57c2a0ec68d3c49e3"},"breadcrumb":{"@id":"https:\/\/hostingdiscussion.com\/news\/critical-imunify360-av-flaw-sparks-concerns-as-researchers-warn-of-server-takeover-risks\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/hostingdiscussion.com\/news\/critical-imunify360-av-flaw-sparks-concerns-as-researchers-warn-of-server-takeover-risks\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/hostingdiscussion.com\/news\/critical-imunify360-av-flaw-sparks-concerns-as-researchers-warn-of-server-takeover-risks\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/hostingdiscussion.com\/news\/"},{"@type":"ListItem","position":2,"name":"Critical Imunify360 AV flaw sparks concerns as researchers warn of server takeover risks"}]},{"@type":"WebSite","@id":"https:\/\/hostingdiscussion.com\/news\/#website","url":"https:\/\/hostingdiscussion.com\/news\/","name":"Web Hosting News","description":"Cloud and web hosting industry daily news","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/hostingdiscussion.com\/news\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/hostingdiscussion.com\/news\/#\/schema\/person\/3a1732732b90f8c57c2a0ec68d3c49e3","name":"Justine Juyad","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/hostingdiscussion.com\/news\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/96df33d01870f85226adf8492251fbefe00bc349b10bb7679b094f3fa086999c?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/96df33d01870f85226adf8492251fbefe00bc349b10bb7679b094f3fa086999c?s=96&d=mm&r=g","caption":"Justine Juyad"},"description":"HostingDiscussion.com senior reporter","sameAs":["https:\/\/hostingdiscussion.com\/news\/"],"url":"https:\/\/hostingdiscussion.com\/news\/author\/justine-juyad\/"}]}},"views":134,"_links":{"self":[{"href":"https:\/\/hostingdiscussion.com\/news\/wp-json\/wp\/v2\/posts\/8235","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/hostingdiscussion.com\/news\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/hostingdiscussion.com\/news\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/hostingdiscussion.com\/news\/wp-json\/wp\/v2\/users\/20624"}],"replies":[{"embeddable":true,"href":"https:\/\/hostingdiscussion.com\/news\/wp-json\/wp\/v2\/comments?post=8235"}],"version-history":[{"count":1,"href":"https:\/\/hostingdiscussion.com\/news\/wp-json\/wp\/v2\/posts\/8235\/revisions"}],"predecessor-version":[{"id":8236,"href":"https:\/\/hostingdiscussion.com\/news\/wp-json\/wp\/v2\/posts\/8235\/revisions\/8236"}],"wp:attachment":[{"href":"https:\/\/hostingdiscussion.com\/news\/wp-json\/wp\/v2\/media?parent=8235"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/hostingdiscussion.com\/news\/wp-json\/wp\/v2\/categories?post=8235"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/hostingdiscussion.com\/news\/wp-json\/wp\/v2\/tags?post=8235"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}