Keyword

Security question about elfinder

More
4 weeks 2 days ago #178367 by rikao
Security question about elfinder was created by rikao
Hello,

Our security tool detected the following file as malware :
media/k2/assets/vendors/studio-42/elfinder/php/connector.minimal.php-dist

But I confirmed that it is identical to your original file.
So it is not modified. 

Currently the file is quarantined (moved to the outside the public folder).
I guess it’s related to the wordpress vulnerability report in the link below:
www.secpod.com/blog/wordpress-file-manager-plugin-under-active-exploitation/
(I don’t know if it also applies to Joomla or not.)

My question is:

Will it be no problem even if the file is removed?
Or
Will it be safe to restore the file? 

Thank you for your help, in advance.
Rikao(K2 v2.10.3)

Please Log in or Create an account to join the conversation.

  • Fotis
  • Fotis's Avatar
  • Offline
  • Administrator
  • JoomlaWorks Support Team
More
2 weeks 4 days ago #178430 by Fotis
Replied by Fotis on topic Security question about elfinder
This file is part of the elFinder distribution (aka the package as downloaded from the relevant GitHub repo) but it's not used by K2 (we have our own connector) nor is it a security risk as it's just a static file (because of the .php-dist extension) for you.

Leaving it or removing it makes no difference. You're safe.

If you use & love K2, please take a moment to add your review and rate it
at the Joomla Extensions Directory: extensions.joomla.org/extension/k2/


IMPORTANT: Please search the forum before posting a question!

JoomlaWorks Support Team Member

Please Log in or Create an account to join the conversation.

More
1 week 4 days ago #178595 by rikao
Replied by rikao on topic Security question about elfinder
Thank you so much for your reply.
I'm relieved to hear that I can safely remove it.

Thanks for your help.
Best regards,

Rikao

Please Log in or Create an account to join the conversation.

  • Fotis
  • Fotis's Avatar
  • Offline
  • Administrator
  • JoomlaWorks Support Team
More
1 week 4 days ago #178597 by Fotis
Replied by Fotis on topic Security question about elfinder
You're welcome.

If you use & love K2, please take a moment to add your review and rate it
at the Joomla Extensions Directory: extensions.joomla.org/extension/k2/


IMPORTANT: Please search the forum before posting a question!

JoomlaWorks Support Team Member

Please Log in or Create an account to join the conversation.


Powered by Kunena Forum