Magento patched as many as 37 vulnerabilities on Thursday, including a stored cross-site scripting (XSS) flaw that could have allowed an attacker to take over a website.

The most severe of the bugs is a remote code-execution (RCE) vulnerability that could let an authenticated user with limited privileges create special newsletters and email templates that can be used to execute arbitrary code on targeted systems. The vulnerability has a CVSS score of 9.8 and affects Magento 2.1 prior to 2.1.17, Magento 2.2 prior to 2.2.8 and Magento 2.3 prior to 2.3.1.

A second serious bug fixed by Magento is an unauthenticated SQL injection vulnerability that could let an attacker read from the database, extract admin sessions or password hashes, and use them to access the backend. This would allow a site takeover with the stolen credentials.

On Friday, Ambionics Security published an analysis of the bug and a working proof-of-concept attack that would allow extraction of admin sessions or password hashes.

Security engineer Charles Fol at Ambionics said that one of the main classes dealing with the DB is Magento\Framework\DB\Adapter\Pdo\Mysql. He added that an interesting bug emerged in one of its methods after a few minutes of auditing. He also said that although the mistake in the code was minor, it was very impactful.

The bug, which has a CVSS score of 9.0, affects Magento Open Source before 1.9.4.1, Magento Commerce before 1.14.4.1, Magento 2.1 before 2.1.17, Magento 2.2 before 2.2.8 and Magento 2.3 before 2.3.1.

For their part, researchers at Sucuri Security focused on a SQL injection issue in Magento Core in their analysis of Magento’s 37 patches. They warned that the bug is considered serious (CVSS 8.8) and “very easy” to exploit remotely.

Marc-Alexandre Montpas, a Sucuri researcher, said that the SQL injection vulnerability can be exploited without any form of privilege or authentication. He added that due to the complex nature of the data Magento e-commerce sites deal with every day, this is a security threat that should be patched by affected site owners as soon as possible.

The affected Magento Core versions are 2.1 prior to 2.1.17, 2.2 prior to 2.2.8 and 2.3 prior to 2.3.1.
