CVE-2024-34102
Adobe Commerce and Magento Open Source Improper Re - [Actively Exploited]
Description
Adobe Commerce versions 2.4.7, 2.4.6-p5, 2.4.5-p7, 2.4.4-p8 and earlier are affected by an Improper Restriction of XML External Entity Reference ('XXE') vulnerability that could result in arbitrary code execution. An attacker could exploit this vulnerability by sending a crafted XML document that references external entities. Exploitation of this issue does not require user interaction.
INFO
Published Date :
June 13, 2024, 9:15 a.m.
Last Modified :
July 18, 2024, 1 a.m.
Source :
[email protected]
Remotely Exploitable :
Yes !
Impact Score :
5.9
Exploitability Score :
3.9
CISA KEV (Known Exploited Vulnerabilities)
For the benefit of the cybersecurity community and network defenders—and to help every organization better manage vulnerabilities and keep pace with threat activity—CISA maintains the authoritative source of vulnerabilities that have been exploited in the wild.
Adobe Commerce and Magento Open Source contain an improper restriction of XML external entity reference (XXE) vulnerability that allows for remote code execution.
Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
https://helpx.adobe.com/security/products/magento/apsb24-40.html
Public PoC/Exploit Available at Github
CVE-2024-34102 has a 44 public PoC/Exploit
available at Github.
Go to the Public Exploits
tab to see the list.
Affected Products
The following products are affected by CVE-2024-34102
vulnerability.
Even if cvefeed.io
is aware of the exact versions of the
products
that
are
affected, the information is not represented in the table below.
References to Advisories, Solutions, and Tools
Here, you will find a curated list of external links that provide in-depth
information, practical solutions, and valuable tools related to
CVE-2024-34102
.
URL | Resource |
---|---|
https://helpx.adobe.com/security/products/magento/apsb24-40.html | Vendor Advisory |
https://www.vicarius.io/vsociety/posts/cosmicsting-critical-unauthenticated-xxe-vulnerability-in-adobe-commerce-and-magento-cve-2024-34102 | Exploit Technical Description Third Party Advisory |
We scan GitHub repositories to detect new proof-of-concept exploits. Following list is a collection of public exploits and proof-of-concepts, which have been published on GitHub (sorted by the most recently updated).
None
PHP Shell
adobe commerce
Shell
None
PoC for CVE-2024-34102
Python
CVE-2024-37085 unauthenticated shell upload to full administrator on domain-joined esxi hypervisors.
Magento 2 patch for CVE-2024-34102(aka CosmicSting). Another way(as an extension) to hotfix the security hole if you cannot apply the official patch or cannot upgrade Magento.
cosmicsting cve-2024-34102 extension hotfix magento2 patch bug security-hole
PHP
CVE-2024-34102 unauthenticated RCE PoC for Magento/adobe commerce
CVE-2024-34102 unauthenticated RCE PoC for Magento/adobe commerce
None
PHP
CVE-2024-34102 unauthenticated RCE PoC for Magento/adobe commerce and (NEW 0DAY)?
None
PHP
CVE-2024-34102 unauthenticated RCE PoC for Magento/adobe commerce
None
CVE-2024-34102 Exploiter based on Python
cve-2024-34102
Python
Exploitation CVE-2024-34102
cve cve-2024-34102 exploitation
Go
Results are limited to the first 15 repositories due to potential performance issues.
The following list is the news that have been mention
CVE-2024-34102
vulnerability anywhere in the article.
- The Cyber Express
The Week’s Top Vulnerabilities: Cyble Urges Fixes for NVIDIA, Adobe, CUPS
Cyble researchers had a busy week, investigating 19 vulnerabilities in the week ended Oct.1 and flagging eight of them as high priority. Cyble’s weekly IT vulnerability report also noted that research ... Read more
- security.nl
Duizenden webwinkels gecompromitteerd via kritiek lek in Adobe Commerce
Criminelen zijn erin geslaagd om bijna vijfduizend webwinkels te compromitteren waarbij gebruik is gemaakt van een kritieke kwetsbaarheid in Adobe Commerce en Magento. Het gaat onder andere om webshop ... Read more
- The Register
Big names among thousands infected by payment-card-stealing CosmicSting crooks
Ray-Ban, National Geographic, Whirlpool, and Segway are among thousands of brands whose web stores were reportedly compromised by criminals exploiting the CosmicSting flaw in hope of stealing shoppers ... Read more
- Cybersecurity News
Cybercriminals Exploit CosmicSting Vulnerability, Hacking Thousands of Adobe Commerce and Magento Stores
Malware in the National Geographic store | Image: SansecIn a significant cybersecurity breach this summer, cybercriminals compromised approximately 5% of all Adobe Commerce and Magento stores, affecti ... Read more
- The Hacker News
Alert: Adobe Commerce and Magento Stores Under Attack from CosmicSting Exploit
Vulnerability / Data Breach Cybersecurity researchers have disclosed that 5% of all Adobe Commerce and Magento stores have been hacked by malicious actors by exploiting a security vulnerability dubbed ... Read more
- Cybersecurity News
CVE-2024-30051: Windows Elevation of Privilege Flaw Exploited by QakBot Malware, PoC Published
Security researchers published the technical details and a proof-of-concept exploit (PoC) code for a zero-day vulnerability in Windows, tracked as CVE-2024-30051, which could allow attackers to escala ... Read more
- The Register
Cisco merch shoppers stung in Magecart attack
Bad news for anyone who purchased a Cisco hoodie earlier this month: Suspected Russia-based attackers injected data-stealing JavaScript into the networking giant's online store selling Cisco-branded m ... Read more
- security.nl
'Malware in webshop van Cisco steelt creditcardgegevens klanten'
Criminelen zijn erin geslaagd om malware aan een webshop van Cisco toe te voegen die creditcardgegevens en andere data van klanten steelt, waaronder adresgegevens, telefoonnummer, e-mailadres en inlog ... Read more
- BleepingComputer
Hackers inject malicious JS in Cisco store to steal credit cards, credentials
Cisco’s site for selling company-themed merchandise is currently offline and under maintenance due to hackers compromising it with JavaScript code that steals sensitive customer details provided at ch ... Read more
- Cybersecurity News
Linux Leaps to Record 4.44% Market Share: Open-Source OS Hits All-Time High in July
Recent data from StatCounter indicates that Linux’s market share has ascended to an unprecedented 4.44% in July. This marks a substantial increase from the 3.12% recorded during the corresponding peri ... Read more
- Cybersecurity News
Cyberattack on Magento: Hackers Inject Skimmer, Card Data Stolen
Malicious JavaScript | Image: MalwarebytesDuring a recent cyberattack on numerous online stores utilizing the Magento platform, a skimmer was injected into the sites, stealing customers’ payment card ... Read more
- Cybersecurity News
Urgent Chrome Update: Active Zero-Day Exploit Detected (CVE-2024-7971)
Google has released an urgent Chrome update (version 128.0.6613.84/85) in response to an actively exploited zero-day vulnerability (CVE-2024-7971). This vulnerability, categorized as a type confusion ... Read more
- Cybersecurity News
Azure Kubernetes Services at Risk: “WireServing” Threat Revealed
Permissions granted to the embedded TLS certificatesA newly discovered vulnerability in Azure Kubernetes Services (AKS) has been revealed by Mandiant, a leading cybersecurity firm. The vulnerability, ... Read more
- Cybersecurity News
Congress Scrutinizes TP-Link Routers Over Cybersecurity Concerns
Two members of Congress have urged the U.S. Department of Commerce to investigate the cybersecurity risks associated with Wi-Fi routers manufactured by the Chinese company TP-Link Technologies, and th ... Read more
- Cybersecurity News
Xeon Sender Abuses SaaS APIs for Massive SMS Attacks
SVG SMS variant of Xeon Sender | Image: SentinelOneSecurity researchers at SentinelOne have uncovered a new cloud-based attack tool called Xeon Sender (aka XeonV5, SVG Sender) that enables threat acto ... Read more
- Cybersecurity News
TA453 Deploys New BlackSmith Malware Toolset in Phishing Attack on Religious Figure
Cybersecurity firm Proofpoint has uncovered a new phishing campaign by the Iranian-backed threat actor TA453 (aka Charming Kitten, Mint Sandstorm, APT42). In this campaign, TA453 impersonated the Inst ... Read more
- Cybersecurity News
EDRKillShifter: A New EDR-Killing Tool in Ransomware Attack
High-level overview of the loader execution process | Image: SophosSophos researchers have discovered a new threat: EDRKillShifter, a sophisticated tool designed to dismantle endpoint detection and re ... Read more
- Cybersecurity News
CVE-2024-43360: SQLi Flaw Discovered in Popular Surveillance Software ZoneMinder
ZoneMinder, a widely used open-source video surveillance solution, has been found to contain a critical SQL injection vulnerability that could allow attackers to gain unauthorized access to sensitive ... Read more
- Cybersecurity News
Last Mile Reassembly Attacks Bypass Leading Secure Web Gateways
SquareX, along with its founder Vivek Ramachandran, a renowned cybersecurity expert, recently uncovered a vulnerability in Secure Web Gateway (SWG) systems, which are employed to safeguard corporate n ... Read more
- Cybersecurity News
Adobe Issues Critical Security Updates for Commerce and Magento Platforms
Adobe has released a critical security update for its widely-used e-commerce platforms, Adobe Commerce and Magento Open Source. The update addresses a range of vulnerabilities, some of which could all ... Read more
- Cybersecurity News
CVE-2024-42458 (CVSS 9.8) – New Security Vulnerability in Neat VNC: Urgent Patch Released
Neat VNC, a popular open-source VNC server library used for remote desktop access and screen sharing, has been found vulnerable to a security vulnerability (CVE-2024-42458, CVSS 9.8). This flaw could ... Read more
- Cybersecurity News
Proposed US Ban on Chinese Tech Impacts Autonomous Vehicles
The United States Department of Commerce plans to propose a ban on the use of Chinese software in autonomous vehicles in the coming weeks, according to Reuters.The proposed legislation will affect car ... Read more
- The Hacker News
Cisco Warns of Critical Flaw Affecting On-Prem Smart Software Manager
Cisco has released patches to address a maximum-severity security flaw impacting Smart Software Manager On-Prem (Cisco SSM On-Prem) that could enable a remote, unauthenticated attacker to change the p ... Read more
The following table lists the changes that have been made to the
CVE-2024-34102
vulnerability over time.
Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability's severity, exploitability, or other characteristics.
-
CVE CISA KEV Update by 9119a7d8-5eab-497f-8521-727c672e3725
Jul. 18, 2024
Action Type Old Value New Value Added Date Added 2024-07-17 Added Vulnerability Name Adobe Commerce and Magento Open Source Improper Restriction of XML External Entity Reference (XXE) Vulnerability Added Due Date 2024-08-07 Added Required Action Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable. -
Initial Analysis by [email protected]
Jul. 09, 2024
Action Type Old Value New Value Changed Reference Type https://helpx.adobe.com/security/products/magento/apsb24-40.html No Types Assigned https://helpx.adobe.com/security/products/magento/apsb24-40.html Vendor Advisory Changed Reference Type https://www.vicarius.io/vsociety/posts/cosmicsting-critical-unauthenticated-xxe-vulnerability-in-adobe-commerce-and-magento-cve-2024-34102 No Types Assigned https://www.vicarius.io/vsociety/posts/cosmicsting-critical-unauthenticated-xxe-vulnerability-in-adobe-commerce-and-magento-cve-2024-34102 Exploit, Technical Description, Third Party Advisory Added CPE Configuration OR *cpe:2.3:a:adobe:commerce:2.3.7:-:*:*:*:*:*:* *cpe:2.3:a:adobe:commerce:2.3.7:p1:*:*:*:*:*:* *cpe:2.3:a:adobe:commerce:2.3.7:p2:*:*:*:*:*:* *cpe:2.3:a:adobe:commerce:2.3.7:p3:*:*:*:*:*:* *cpe:2.3:a:adobe:commerce:2.3.7:p4:*:*:*:*:*:* *cpe:2.3:a:adobe:commerce:2.3.7:p4-ext1:*:*:*:*:*:* *cpe:2.3:a:adobe:commerce:2.3.7:p4-ext2:*:*:*:*:*:* *cpe:2.3:a:adobe:commerce:2.3.7:p4-ext3:*:*:*:*:*:* *cpe:2.3:a:adobe:commerce:2.3.7:p4-ext4:*:*:*:*:*:* *cpe:2.3:a:adobe:commerce:2.4.0:-:*:*:*:*:*:* *cpe:2.3:a:adobe:commerce:2.4.0:ext-1:*:*:*:*:*:* *cpe:2.3:a:adobe:commerce:2.4.0:ext-2:*:*:*:*:*:* *cpe:2.3:a:adobe:commerce:2.4.0:ext-3:*:*:*:*:*:* *cpe:2.3:a:adobe:commerce:2.4.0:ext-4:*:*:*:*:*:* *cpe:2.3:a:adobe:commerce:2.4.1:-:*:*:*:*:*:* *cpe:2.3:a:adobe:commerce:2.4.1:ext-1:*:*:*:*:*:* *cpe:2.3:a:adobe:commerce:2.4.1:ext-2:*:*:*:*:*:* *cpe:2.3:a:adobe:commerce:2.4.1:ext-3:*:*:*:*:*:* *cpe:2.3:a:adobe:commerce:2.4.1:ext-4:*:*:*:*:*:* *cpe:2.3:a:adobe:commerce:2.4.2:-:*:*:*:*:*:* *cpe:2.3:a:adobe:commerce:2.4.2:ext-1:*:*:*:*:*:* *cpe:2.3:a:adobe:commerce:2.4.2:ext-2:*:*:*:*:*:* *cpe:2.3:a:adobe:commerce:2.4.2:ext-3:*:*:*:*:*:* *cpe:2.3:a:adobe:commerce:2.4.2:ext-4:*:*:*:*:*:* *cpe:2.3:a:adobe:commerce:2.4.3:-:*:*:*:*:*:* *cpe:2.3:a:adobe:commerce:2.4.3:ext-1:*:*:*:*:*:* *cpe:2.3:a:adobe:commerce:2.4.3:ext-2:*:*:*:*:*:* *cpe:2.3:a:adobe:commerce:2.4.3:ext-3:*:*:*:*:*:* *cpe:2.3:a:adobe:commerce:2.4.3:ext-4:*:*:*:*:*:* *cpe:2.3:a:adobe:commerce:2.4.4:-:*:*:*:*:*:* *cpe:2.3:a:adobe:commerce:2.4.4:p1:*:*:*:*:*:* *cpe:2.3:a:adobe:commerce:2.4.4:p2:*:*:*:*:*:* *cpe:2.3:a:adobe:commerce:2.4.4:p3:*:*:*:*:*:* *cpe:2.3:a:adobe:commerce:2.4.4:p4:*:*:*:*:*:* *cpe:2.3:a:adobe:commerce:2.4.4:p5:*:*:*:*:*:* *cpe:2.3:a:adobe:commerce:2.4.4:p6:*:*:*:*:*:* *cpe:2.3:a:adobe:commerce:2.4.5:-:*:*:*:*:*:* *cpe:2.3:a:adobe:commerce:2.4.5:p1:*:*:*:*:*:* *cpe:2.3:a:adobe:commerce:2.4.5:p2:*:*:*:*:*:* *cpe:2.3:a:adobe:commerce:2.4.5:p3:*:*:*:*:*:* *cpe:2.3:a:adobe:commerce:2.4.5:p4:*:*:*:*:*:* *cpe:2.3:a:adobe:commerce:2.4.5:p5:*:*:*:*:*:* *cpe:2.3:a:adobe:commerce:2.4.6:-:*:*:*:*:*:* *cpe:2.3:a:adobe:commerce:2.4.6:p1:*:*:*:*:*:* *cpe:2.3:a:adobe:commerce:2.4.6:p2:*:*:*:*:*:* *cpe:2.3:a:adobe:commerce:2.4.6:p3:*:*:*:*:*:* *cpe:2.3:a:adobe:commerce_webhooks:*:*:*:*:*:*:*:* versions from (including) 1.2.0 up to (including) 1.4.0 *cpe:2.3:a:adobe:magento:2.4.4:-:*:*:open_source:*:*:* *cpe:2.3:a:adobe:magento:2.4.4:p1:*:*:open_source:*:*:* *cpe:2.3:a:adobe:magento:2.4.4:p2:*:*:open_source:*:*:* *cpe:2.3:a:adobe:magento:2.4.4:p3:*:*:open_source:*:*:* *cpe:2.3:a:adobe:magento:2.4.4:p4:*:*:open_source:*:*:* *cpe:2.3:a:adobe:magento:2.4.4:p5:*:*:open_source:*:*:* *cpe:2.3:a:adobe:magento:2.4.4:p6:*:*:open_source:*:*:* *cpe:2.3:a:adobe:magento:2.4.4:p7:*:*:open_source:*:*:* *cpe:2.3:a:adobe:magento:2.4.4:p8:*:*:open_source:*:*:* *cpe:2.3:a:adobe:magento:2.4.5:-:*:*:open_source:*:*:* *cpe:2.3:a:adobe:magento:2.4.5:p1:*:*:open_source:*:*:* *cpe:2.3:a:adobe:magento:2.4.5:p2:*:*:open_source:*:*:* *cpe:2.3:a:adobe:magento:2.4.5:p3:*:*:open_source:*:*:* *cpe:2.3:a:adobe:magento:2.4.5:p4:*:*:open_source:*:*:* *cpe:2.3:a:adobe:magento:2.4.5:p5:*:*:open_source:*:*:* *cpe:2.3:a:adobe:magento:2.4.5:p6:*:*:open_source:*:*:* *cpe:2.3:a:adobe:magento:2.4.5:p7:*:*:open_source:*:*:* *cpe:2.3:a:adobe:magento:2.4.6:-:*:*:open_source:*:*:* *cpe:2.3:a:adobe:magento:2.4.6:p1:*:*:open_source:*:*:* *cpe:2.3:a:adobe:magento:2.4.6:p2:*:*:open_source:*:*:* *cpe:2.3:a:adobe:magento:2.4.6:p3:*:*:open_source:*:*:* *cpe:2.3:a:adobe:magento:2.4.6:p4:*:*:open_source:*:*:* *cpe:2.3:a:adobe:magento:2.4.6:p5:*:*:open_source:*:*:* *cpe:2.3:a:adobe:magento:2.4.7:b1:*:*:open_source:*:*:* -
CVE Modified by [email protected]
Jul. 03, 2024
Action Type Old Value New Value Added Reference Adobe Systems Incorporated https://www.vicarius.io/vsociety/posts/cosmicsting-critical-unauthenticated-xxe-vulnerability-in-adobe-commerce-and-magento-cve-2024-34102 [No types assigned] -
CVE Received by [email protected]
Jun. 13, 2024
Action Type Old Value New Value Added Description Adobe Commerce versions 2.4.7, 2.4.6-p5, 2.4.5-p7, 2.4.4-p8 and earlier are affected by an Improper Restriction of XML External Entity Reference ('XXE') vulnerability that could result in arbitrary code execution. An attacker could exploit this vulnerability by sending a crafted XML document that references external entities. Exploitation of this issue does not require user interaction. Added Reference Adobe Systems Incorporated https://helpx.adobe.com/security/products/magento/apsb24-40.html [No types assigned] Added CWE Adobe Systems Incorporated CWE-611 Added CVSS V3.1 Adobe Systems Incorporated AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CWE - Common Weakness Enumeration
While CVE identifies
specific instances of vulnerabilities, CWE categorizes the common flaws or
weaknesses that can lead to vulnerabilities. CVE-2024-34102
is
associated with the following CWEs:
Common Attack Pattern Enumeration and Classification (CAPEC)
Common Attack Pattern Enumeration and Classification
(CAPEC)
stores attack patterns, which are descriptions of the common attributes and
approaches employed by adversaries to exploit the CVE-2024-34102
weaknesses.