Magento remote code execution vulnerability analysis report

ID MYHACK58:62201561585
Type myhack58
Reporter Anonymous
Modified 2015-04-24T00:00:00


Check Point researchers recently found a dangerous remote code execution (RCE) vulnerability in the Magento e-commerce platform. The vulnerability could lead to the complete compromise of online stores running on Magento, including credit card information and other financial and personal information. About twenty million online stores are affected by this vulnerability.

Before disclosing this vulnerability publicly, Check Point disclosed it privately to eBay and recommended that eBay fix it immediately. On February 9, 2015, the company released a patch, SUPEE-5344, to fix this vulnerability, and urged store owners and administrators who have not yet installed the patch to install it as soon as possible.

What type of attack is this?

The vulnerability is actually a chain of several vulnerabilities that together allow an unauthenticated attacker to execute PHP code on the web server. An attacker can bypass all security mechanisms and gain full control of the store and its database, which also allows the attacker to steal credit card information and obtain system administrator access.

The attack is not limited to any plugin or theme. All of the vulnerabilities are in the Magento core and affect default installations of both the Community Edition and the Enterprise Edition. Check Point customers protected by its IPS software are not affected by this vulnerability.

How did Check Point discover this vulnerability?

These vulnerabilities were found by Netanel Rubin of Check Point's malware and vulnerability research division. Check Point researchers, often referred to as "white hat hackers", work to find and fix security vulnerabilities before hackers with malicious intent can exploit them. Check Point continually works to raise security awareness and education among the public, customers, and companies, and this article is part of that effort.

How to protect yourself against this vulnerability?

Magento recommends that merchants on the Magento platform install the SUPEE-5344 patch it has released. Although Check Point has not detected any traces of the vulnerability being exploited, administrators should still monitor all log files for activity that matches this attack pattern.

Vulnerable versions

Confirmed vulnerable: CE and 1.14.1.0 EE (the latest version at the time of writing).


Magento is a popular e-commerce platform that eBay acquired in 2012. It comes in two editions:

■ One is the Community Edition, which is open source and includes code contributed by a community of developers.

■ The other is the Enterprise Edition, which provides more features, such as customer support and some other additional benefits.

We found a vulnerability chain that allows an unauthenticated attacker to run PHP code on a vulnerable server. It consists of several vulnerabilities, which we analyze in the technical description section below. These vulnerabilities are named CVE-2015-1397, CVE-2015-1398, and CVE-2015-1399.

Disclosure timeline

January 14, 2015 - First contact with the Magento security team

January 15, 2015 - Provided a complete vulnerability analysis report, including repair advice

February 9, 2015 - Magento released the patch (SUPEE-5344)

April 20, 2015 - Public release
