Vulnerability description:
Vulnerability number: CVE-2016-6662 and CVE-2016-6663, attackers can remotely and locally use the vulnerability ROOT privileges to execute code, and completely control the MySQL database. The attacker only needs to have the FILE permission to achieve ROOT escalation and then control the server.
Affected version: <=5.7.15
Vulnerability level: high risk
Repair suggestions:
1. There is no vendor repair plan for 0Day vulnerability. Temporary mitigation plan: make sure that the MySQL configuration file is not in the hands of the mysql user, and create a root permission, unused, disguised my.cnf file.
2. Use Baidu Cloud to accelerate WAF firewall and update strategies in real time for defense.
3. Add a website to the cloud observation, and learn about sudden/0day vulnerabilities in website components in time.
(Source: Guo Shenghua WeChat public account)