top of page
perceptive_background_267k.jpg

Mirasvit Full Page Cache Warmer contains a deserialization of untrusted data vulnerability that could allow unauthenticated attackers to achieve remote code exe…

Published:

3 juni 2026 om 00:00:00

Alert date:

3 juni 2026 om 18:00:35

Source:

cisa.gov

Click to open the original link from this advisory

Web Technologies

CVE-2026-45247 affects Mirasvit Full Page Cache Warmer, containing a deserialization of untrusted data vulnerability. The vulnerability allows unauthenticated attackers to achieve remote code execution by supplying a crafted serialized PHP object in the CacheWarmer cookie. This is a critical security flaw that enables complete system compromise without authentication requirements. The vulnerability is tracked in the National Vulnerability Database and has vendor acknowledgment with available changelogs.

Technical details

Mitigation steps:

Affected products:

Mirasvit Full Page Cache Warmer

Related links:

https://nvd.nist.gov/vuln/detail/CVE-2026-45247
https://mirasvit.com/package/changelog/?package=mirasvit/module-cache-warmer

Related CVE's:

Related threat actors:

IOC's:

This article was created with the assistance of AI technology by Perceptive.

About us

© 2025 by Perceptive Security. All rights reserved.

email: info@perceptivesecurity.com

Deze website toont informatie afkomstig van externe bronnen; Perceptive aanvaardt geen verantwoordelijkheid voor de juistheid, volledigheid of actualiteit van deze informatie.

bottom of page