Frame-14

Privacy Ninja

        • DATA PROTECTION

        • Email Spoofing Prevention
        • Check if your organization email is vulnerable to hackers and put a stop to it. Receive your free test today!
        • Email Phishing Excercise
        • Strengthen your defense against email threats via simulated attacks that test and educate your team on spotting malicious emails, reducing breach risks and boosting security.

        • AntiHACK Phone
        • Boost your smartphone’s security with enterprise-level encryption, designed by digital forensics and counterintelligence experts, guaranteeing absolute privacy for you and up to 31 others, plus a guest user, through exclusive access.

        • CYBERSECURITY

        • Secure your network against various threat points. VA starts at only S$1,000, while VAPT starts at S$3,000. With Price Beat Guarantee!

        • API Penetration Testing
        • Secure your digital frontiers with our API penetration testing service, meticulously designed to identify and fortify vulnerabilities, ensuring robust protection against cyber threats.

        • Network Penetration Testing
        • Strengthen your network’s defenses with our comprehensive penetration testing service, tailored to uncover and seal security gaps, safeguarding your infrastructure from cyber attacks.

        • Mobile Penetration Testing
        • Strengthen your network’s defenses with our comprehensive penetration testing service, tailored to uncover and seal security gaps, safeguarding your infrastructure from cyber attacks.

        • Web Penetration Testing
        • Fortify your web presence with our specialized web penetration testing service, designed to uncover and address vulnerabilities, ensuring your website stands resilient against online threats.

        • RAPID DIGITALISATION

        • OTHERS

Magento Plugin Magmi Vulnerable To Hijacking Admin Sessions

Magento Plugin Magmi Vulnerable To Hijacking Admin Sessions

A cross-site request forgery (CSRF) vulnerability continues to be present in the Magmi plugin for Magento online stores, despite developers receiving a report from researchers that discovered it.

Hackers can use the flaw to execute arbitrary code on servers running Magmi (Magento Mass Importer) by tricking authenticated administrators into clicking a malicious link.

The plugin works as a Magento database client that can add a large number of products (millions, according to its wiki page) to a catalog or update it.

Also read: 10 Best, Secured And Trusted Disposal Contractor In Singapore

Dev fixes one of two

Enguerran Gillier of the Tenable Web Application Security Team analyzed Magmi earlier this year and found two security vulnerabilities that could allow remote code execution. Only one of them received a fix two days ago, though.

The issue currently affecting all Magmi versions is tracked as CVE-2020-5776. It stems from lack of random CSRF tokens that would protect against CSRF attacks.

At the time of writing, a severity rating is not available for CVE-2020-5776 but Tenable released on the company’s public GitHub page proof-of-concept code that demonstrates this vulnerability, along with instructions on how it works.

The second issue discovered in Magmi is an authentication bypass that allows the use of default credentials when the connection to the Magento database fails.

This flaw is now identified as CVE-2020-5777 and attackers can exploit it by forcing a denial-of-service (DoS) condition to the Magento database connection.

Gillier says in a technical overview that the DoS is possible when the maximum number of MySQL connections is larger than the maximum accepted by the server for HTTP connections. A PoC for this issue is available, too.

“By sending a large number of concurrent connection requests that exceed the MySQL connections limit, but not the maximum Apache HTTP connection limit, attackers could temporarily block access to the Magento database and simultaneously make an authenticated request to MAGMI using the default credentials” – Enguerran Gillier

According to Tenable, they reported the vulnerabilities in Magmi to its developer on June 3. On July 6, the developer acknowledged the glitches saying that they would be addressed.

A new version of the plugin emerged on August 30 with a fix just for the authentication bypass vulnerability, said the cybersecurity company.

Vulnerabilities in previous versions of Magmi have been exploited by at least one Magecart Group for unauthorized access to a server hosting an online store in the U.S. This enabled them to plant malicious JavaScript code that stole customers’ credit card data at checkout.

The incident was notable enough to cause the FBI to release in May technical details to organizations in the e-commerce sector so they can protect against the threat actor.

Although Magmi is compatible with Magento 1.x that is no longer under active support, the plugin’s download count over the past six months indicates hundreds of installations.

Also read: The Scope Of Singapore Privacy: How We Use It In A Right Way

0 Comments

KEEP IN TOUCH

Subscribe to our mailing list to get free tips on Data Protection and Data Privacy updates weekly!

Personal Data Protection

REPORTING DATA BREACH TO PDPC?

We have assisted numerous companies to prepare proper and accurate reports to PDPC to minimise financial penalties.
×

Hello!

Click one of our contacts below to chat on WhatsApp

× Chat with us