The compromised code inserted into the str_contains_rx function looked structurally similar to this:
On CentOS/RHEL:
Configure firewalls (like iptables or UFW) to strictly block or alert on any unexpected inbound or outbound traffic on Port 6200. vsftpd 208 exploit github install
The clean version is 2.0.8 (re-release) or any version > 2.0.8, like 2.0.9, 3.0.0, etc. vsftpd 208 exploit github install