CVE-2024-21516

Summary

CVE-2024-21516 is a reflected XSS vulnerability affecting versions of the opencart/opencart package from 4.0.0.0. The issue lies in the directory parameter of the admin common/filemanager.list route, which can be exploited by an attacker to obtain a user's token. Upon clicking a maliciously crafted URL, the user is prompted to login and subsequently redirected to a page with the attacker's payload. If the attacked user holds admin privileges, this vulnerability may be used as a starting point for more serious exploits, such as Zip Slip or arbitrary file writes. Exploitation of this vulnerability relies on the attacker knowing the name or path of the admin directory, which by default is named "admin." Users are warned to rename this directory in a dashboard pop-up for security reasons. The patch for this vulnerability removes the redirect post-authentication, preventing attackers from controlling the redirect. However, the vulnerability can still be exploited in the admin section if the user is already authenticated as an admin.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.