Security News > 2022 > September > Critical Magento vulnerability targeted in new surge of attacks
Researchers have observed a surge in hacking attempts targeting CVE-2022-24086, a critical Magento 2 vulnerability allowing unauthenticated attackers to execute code on unpatched sites.
According to a report published by Sansec today, we have reached that stage, with the critical template vulnerability becoming a favorite in the hacker underground.
The attacks are interactive because the Magento checkout flow is challenging to automate and may reduce the effectiveness of the attacks.
The first variant begins by creating a new customer account on the target platform using malicious template code in the first and last names and then placing an order.
The code creates a new file that accepts commands via POST requests.
Finally, the third attack variation employs template code that executes to replace "Generated/code/Magento/Framework/App/FrontController/Interceptor.php" with a malicious, backdoored version.
News URL
Related news
- Zyxel CPE devices under attack via critical vulnerability without a patch (CVE-2024-40891) (source)
- Cleo patches critical zero-day exploited in data theft attacks (source)
- New IOCONTROL malware used in critical infrastructure attacks (source)
- Critical OpenWrt Vulnerability Exposes Devices to Malicious Firmware Injection (source)
- CISA confirms critical Cleo bug exploitation in ransomware attacks (source)
- Iran-linked crew used custom 'cyberweapon' in US critical infrastructure attacks (source)
- BeyondTrust Issues Urgent Patch for Critical Vulnerability in PRA and RS Products (source)
- BeyondTrust fixes critical vulnerability in remote access, support solutions (CVE-2024-12356) (source)
- Hackers Exploiting Critical Fortinet EMS Vulnerability to Deploy Remote Access Tools (source)
- Apache Tomcat Vulnerability CVE-2024-56337 Exposes Servers to RCE Attacks (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-02-16 | CVE-2022-24086 | Adobe Commerce versions 2.4.3-p1 (and earlier) and 2.3.7-p2 (and earlier) are affected by an improper input validation vulnerability during the checkout process. | 0.0 |