Check Point researchers discovered that this critical vulnerability left MediaWiki (version 1.8 onwards) exposed to remote code execution (RCE), where an attacker can gain complete control of the vulnerable web server.
This vulnerability has been assigned CVE-2014-1610 by the MITRE organization. In order for a site to be vulnerable, a specific non-default setting must be enabled in the MediaWiki settings. While the exact extent of affected organizations is unknown, this vulnerability was confirmed to impact some of the largest known MediaWiki deployments in the world.
They alerted the WikiMedia Foundation about the vulnerability, and after verification, the Foundation issued an update and patch to the MediaWiki software.
Prior to the availability of a patch for this vulnerability, an attacker could have injected malware infection code into every page in Wikipedia.org, as well as into any other internal or Web-facing wiki site running on MediaWiki with the affected settings.
Since 2006, this is only the third RCE vulnerability found in the MediaWiki platform.
"It only takes a single vulnerability on a widely adopted platform for a hacker to infiltrate and wreak widespread damage. The Check Point Vulnerability Research Group focuses on finding these security exposures and deploying the necessary real-time protections to secure the Internet. We're pleased that the MediaWiki platform is now protected against attacks on this vulnerability, which would have posed great security risk for millions of daily 'wiki' site users," said Dorit Dor, vice president of products at Check Point Software Technologies.
Reading our newsletter every Monday will keep you up-to-date with security news.
Receive a daily digest of the latest security news.