CVE-2024-21518

This affects versions of the package opencart/opencart from 4.0.0.0. A Zip Slip issue was identified via the marketplace installer due to improper sanitization of the target path, allowing files within a malicious archive to traverse the filesystem and be extracted to arbitrary locations. An attacker can create arbitrary files in the web root of the application and overwrite other existing files by exploiting this vulnerability.
Configurations

Configuration 1 (hide)

cpe:2.3:a:opencart:opencart:*:*:*:*:*:*:*:*

History

21 Nov 2024, 08:54

Type Values Removed Values Added
References () https://github.com/opencart/opencart/blob/04c1724370ab02967d3b4f668c1b67771ecf1ff4/upload/admin/controller/marketplace/installer.php%23L383C1-L383C1 - Patch () https://github.com/opencart/opencart/blob/04c1724370ab02967d3b4f668c1b67771ecf1ff4/upload/admin/controller/marketplace/installer.php%23L383C1-L383C1 - Patch
References () https://security.snyk.io/vuln/SNYK-PHP-OPENCARTOPENCART-7266578 - Exploit, Third Party Advisory () https://security.snyk.io/vuln/SNYK-PHP-OPENCARTOPENCART-7266578 - Exploit, Third Party Advisory

03 Jul 2024, 01:46

Type Values Removed Values Added
CWE CWE-290

24 Jun 2024, 19:56

Type Values Removed Values Added
First Time Opencart
Opencart opencart
References () https://github.com/opencart/opencart/blob/04c1724370ab02967d3b4f668c1b67771ecf1ff4/upload/admin/controller/marketplace/installer.php%23L383C1-L383C1 - () https://github.com/opencart/opencart/blob/04c1724370ab02967d3b4f668c1b67771ecf1ff4/upload/admin/controller/marketplace/installer.php%23L383C1-L383C1 - Patch
References () https://security.snyk.io/vuln/SNYK-PHP-OPENCARTOPENCART-7266578 - () https://security.snyk.io/vuln/SNYK-PHP-OPENCARTOPENCART-7266578 - Exploit, Third Party Advisory
CPE cpe:2.3:a:opencart:opencart:*:*:*:*:*:*:*:*
CWE CWE-22

24 Jun 2024, 12:57

Type Values Removed Values Added
Summary
  • (es) Esto afecta a las versiones del paquete opencart/opencart desde 4.0.0.0. Se identificó un problema de Zip Slip a través del instalador del mercado debido a una sanitización inadecuada de la ruta de destino, lo que permite que los archivos dentro de un archivo malicioso atraviesen el sistema de archivos y se extraigan a ubicaciones arbitrarias. Un atacante puede crear archivos arbitrarios en la raíz web de la aplicación y sobrescribir otros archivos existentes aprovechando esta vulnerabilidad.

22 Jun 2024, 05:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-06-22 05:15

Updated : 2024-11-21 08:54


NVD link : CVE-2024-21518

Mitre link : CVE-2024-21518

CVE.ORG link : CVE-2024-21518


JSON object : View

Products Affected

opencart

  • opencart
CWE
CWE-29

Path Traversal: '\..\filename'

CWE-22

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

CWE-290

Authentication Bypass by Spoofing