v1.6-v1.7 MODULE VULNERABILITY !!!

freiserk

Well-known member
☆☆ Special ☆☆
☆ Pro ☆
Master
Joined
Jan 24, 2019
Messages
3,497
Reaction score
6,557
Points
113
NullCash
33,218
SEE IN THIS LINK !!!

https://docs.google.com/document/d/...LDEsC2298Go-as/preview#heading=h.gf3dlvo92l81

Background

Thursday 2nd of January 2020, a customer reported that its shop has been compromised by a malware named XsamXadoo Bot. The bot was able to upload some malware files into the shop which allowed him to access and control several shop settings.


After some research, we believe that the bot was able to upload those malware using a known vulnerability of the PHP tool PHPUnit that has been reported as CVE-2017-9841.
See https://nvd.nist.gov/vuln/detail/CVE-2017-9841

PHPUnit is a tool we use to build prestashop modules, but it should only be used on a developer computer. So it is very unlikely the vulnerable files will be found on a server and make the server vulnerable.

Unlikely but not impossible. These files have wrongly been added into some prestashop module ZIP archives. If a shop has downloaded one of these compromised archives, and has not deleted it since, then the shop is now vulnerable.


We can confirm that there are multiple shops running that are vulnerable right now (= can be attacked at any time) and multiple shops running that are already compromised.

Grettings.
 

lacroix

Member
XNullUser
Joined
Dec 15, 2019
Messages
240
Reaction score
1
Points
18
NullCash
14
thanks for information
 

torotero

Well-known member
Diamond
Elite
Joined
Jan 7, 2020
Messages
1,119
Reaction score
198
Points
63
NullCash
45
Thank you for precious information
 

7criador7

Member
XNullUser
Joined
May 5, 2020
Messages
315
Reaction score
1
Points
18
NullCash
1
thanks for share this lord freiserk, will check all files
 

LAurent

New member
XNullUser
Joined
Apr 29, 2020
Messages
3
Reaction score
0
Points
1
NullCash
6
Thanks for this information. Now we have also news in this forum. Great !
 

test211

New member
XNullUser
Joined
Jul 19, 2022
Messages
6
Reaction score
2
Points
1
NullCash
18
Thanks for sharing, I will check............. ...........
 
Top