logo

Database

Lack of data validation - Path Traversal In shopware/shopware

Description

Shopware XXE Vulnerability Shopware before 5.3.4 has a PHP Object Instantiation issue via the sort parameter to the loadPreviewAction() method of the Shopware_Controllers_Backend_ProductStream controller, with resultant XXE via instantiation of a SimpleXMLElement object.

Mitigation

Update Impact

Minimal update. May introduce new vulnerabilities or breaking changes.

Ecosystem
Package
Affected version
Patched versions

Aliases

1. CVE-2017-183572. NVD-2017-183573. OSV-2017-183574. GCVE-2017-18357

References

1. https://blog.ripstech.com/2017/shopware-php-object-instantiation-to-blind-xxe2. https://demo.ripstech.com/projects/shopware_5.3.33. http://packetstormsecurity.com/files/152995/Shopware-createInstanceFromNamedArguments-PHP-Object-Instantiation.html4. https://www.exploit-db.com/exploits/469155. https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/multi/http/shopware_createinstancefromnamedarguments_rce.rb

Does your application use this vulnerable software?

During the free trial, our tools assess your application, identify vulnerabilities, and provide recommendations for their remediation.