Warning about a critical vulnerability in the PrestaShop e-commerce platform
The National Cyber Security Centre SK-CERT warns of a critical vulnerability in the e-commerce web platform PrestaShop, which is currently being actively exploited by attackers.
PrestaShop is a popular e-commerce web platform used worldwide, including in Slovak cyberspace, to create and manage web shops (e-shops). The latest vulnerability in this system causes an unauthenticated attacker to execute malicious code via SQL injection, whereby the attacker can gain access to a variety of sensitive data, including customers’ personal and payment details.
The vulnerability is identified by the code CVE-2022-36408 and received a score of 9.8. The vulnerability can be exploited by sending specially crafted HTTP POST and GET requests to the platform.
However, attackers’ approaches may vary (sending different requests, affecting different parts of the platform, etc.) and it is possible that the vulnerability will be exploited by attackers for different purposes. One of many is, for example, the creation of fake payment forms for payments for goods, where customers may not be able to tell the difference between a legitimate payment request and a fake one at all.
The following versions and modules are affected by this critical vulnerability:
- PrestaShop versions higher than 1.6.0.10, including
- PrestaShop Whislist (blockwishlist) module in versions 2.0.0 to 2.1.0 inclusive
Measures
The National Cyber Security Centre SK-CERT recommends to immediately update the PrestaShop platform to the latest existing version (1.7.8.7), which includes a fix for the critical vulnerability in question.
We also recommend reviewing the logs and focusing on non-standard behaviour and suspicious patterns that may indicate that the vulnerability has been exploited. If you suspect that this vulnerability has been exploited on your instance of the platform, please report the incident to the SK-CERT National Cyber Security Centre at [email protected].
« Späť na zoznam
