Magento eCommerce Web Sites Deserialization Remote Code Execution Exploit

This module uses an unauthenticated deserialization vulnerability in Magento eCommerce Web Sites to perform an arbitrary write file to gain arbitrary PHP code execution on the affected system.
Platform: 
Vulnerabilty ID: 
CVE-2016-4010
Product Version: 
2016_R1
Released Date: 
Friday, May 27, 2016 - 00:00