Pharos Response to Text2Shell Vulnerability - December 2022
  • 05 Apr 2024
  • 1 Minute to read
  • Dark
    Light
  • PDF

Pharos Response to Text2Shell Vulnerability - December 2022

  • Dark
    Light
  • PDF

Article summary

Pharos software is NOT susceptible to the new Text2Shell vulnerability

Background 

Recently, a security vulnerability was discovered inside the Apache tool Text2Shell 

The vulnerability is rated as “Critical” because it allows remote execution of Javascript on application servers.  

The vulnerability exists within versions 1.5 - 1.9 of Text2Shell. Administrators are urged to upgrade to version 1.10. 

Many organizations, including Pharos customers, are urgently investigating where this tool is used and how to update/repair those instances.

Pharos Software and Text2Shell 

Pharos has reviewed all our software, 3rd party tools/libraries, internal infrastructure and cloud infrastructure and can confirm that we do not use the Text2Shell tool anywhere.


Was this article helpful?


Changing your password will log you out immediately. Use the new password to log back in.
First name must have atleast 2 characters. Numbers and special characters are not allowed.
Last name must have atleast 1 characters. Numbers and special characters are not allowed.
Enter a valid email
Enter a valid password
Your profile has been successfully updated.