CVE-2024-21516
CVSS 3.1 Score 4.7 of 10 (medium)
Details
Summary
CVE-2024-21516 is a reflected cross-site scripting (XSS) vulnerability affecting versions of the opencart/opencart package from 4.0.0.0. The issue lies in the directory parameter of the admin common/filemanager.list route, which an attacker can exploit to obtain a user's token. After clicking a maliciously crafted URL, the user is prompted to log in and is then redirected to a page carrying the attacker's payload. If the targeted user holds admin privileges, the vulnerability may serve as a starting point for more serious exploits, such as Zip Slip or arbitrary file writes. Exploitation relies on the attacker knowing the name or path of the admin directory, which is named "admin" by default; a dashboard pop-up warns users to rename this directory for security reasons. The patch removes the post-authentication redirect, so an attacker can no longer control where the user is sent. However, the vulnerability can still be exploited in the admin section if the user is already authenticated as an admin.
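As an added example (not code from the advisory or from OpenCart), a check a defender could run over web access logs to surface requests to the filemanager.list route whose directory parameter carries markup or path-traversal sequences. The log format and the sample lines are constructed, and the admin directory is assumed to keep its default name "admin".

```python
import re
from urllib.parse import urlsplit, parse_qs, unquote_plus

# Constructed sample access-log lines (not taken from the advisory).
SAMPLE_LOG = """\
203.0.113.5 - - [12/May/2024:10:01:02 +0000] "GET /admin/index.php?route=common/filemanager.list&user_token=abc123&directory=catalog HTTP/1.1" 200 512
203.0.113.7 - - [12/May/2024:10:01:09 +0000] "GET /admin/index.php?route=common/filemanager.list&directory=%3Cscript%3Ex%3C/script%3E HTTP/1.1" 302 0
203.0.113.7 - - [12/May/2024:10:01:15 +0000] "GET /admin/index.php?route=common/filemanager.list&directory=..%2F..%2Fconfig HTTP/1.1" 200 512
203.0.113.9 - - [12/May/2024:10:02:00 +0000] "GET /index.php?route=product/search&search=%3Cscript%3E HTTP/1.1" 200 8192
"""

# Common-log-format request line: client IP, timestamp, method, target, status.
REQUEST_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>\S+) (?P<target>\S+) [^"]*" (?P<status>\d{3})'
)
# Characters a legitimate directory name never needs but an HTML-injection
# or traversal attempt does.
SUSPICIOUS_RE = re.compile(r'[<>"\']|\.\./')


def inspect_line(line):
    """Return a finding for a filemanager.list request whose decoded directory
    value looks like markup or traversal; return None for anything else."""
    m = REQUEST_RE.match(line)
    if not m:
        return None
    url = urlsplit(m.group("target"))
    params = parse_qs(url.query, keep_blank_values=True)
    if params.get("route", [""])[0] != "common/filemanager.list":
        return None
    for raw in params.get("directory", []):
        # parse_qs already decoded once; decode again to catch double encoding.
        value = unquote_plus(raw)
        if SUSPICIOUS_RE.search(value):
            return {
                "ip": m.group("ip"),
                "status": int(m.group("status")),
                "directory": value,
                "has_token": "user_token" in params,  # request from an authenticated session?
            }
    return None


def scan(log_text):
    """Run inspect_line over every line and keep only the findings."""
    return [f for f in (inspect_line(l) for l in log_text.splitlines()) if f]
```

A 302 on a flagged request without a user_token matches the pre-patch flow the summary describes (login prompt followed by redirect), while a flagged request that does carry a user_token corresponds to the remaining post-patch case of an already-authenticated admin.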
Affected Products
- OpenCart
Affected Vendors
- Opencart