Advertisements

Synology Antivirus Essential detects PHP.Exploit.CVE_2015_2331-3

Today my DiskStation emailed me about detecting malware in the system files. When I looked at the log, I saw this:

Antivirus Essential detects Php.Exploit.CVE_2015_2331-3 in zip

Antivirus Essential detects Php.Exploit.CVE_2015_2331-3 in zip

It appears this is a false positive in the ClamAV database.

Further reading: https://www.clamxav.com/BB/viewtopic.php?f=1&t=4186&hilit=php.exploit

If your Synology reports the same, simply restore the quarantined file, update virus definitions, and re-scan. It should come up clean. If you had configured Antivirus Essential to automatically delete files, you may have to restore the DSM OS to get the file back.

Advertisements

,