Skip to content

cart2quote/module-quotation-encoded Remote Code Execution via downloadCustomOptionAction

High severity GitHub Reviewed Published May 15, 2024 to the GitHub Advisory Database • Updated May 15, 2024

Package

composer cart2quote/module-quotation-encoded (Composer)

Affected versions

>= 4.1.6, <= 4.4.5
>= 5.0.0, < 5.4.4

Patched versions

5.4.4

Description

cart2quote/module-quotation-encoded extension may expose a critical security vulnerability by utilizing the unserialize function when processing data from a GET request. This flaw, present in the app/code/community/Ophirah/Qquoteadv/controllers/DownloadController.php and app/code/community/Ophirah/Qquoteadv/Helper/Data.php files, poses a significant risk of Remote Code Execution, especially when custom file options are employed on a product. Attackers exploiting this vulnerability could execute arbitrary code remotely, leading to unauthorized access and potential compromise of sensitive data.

References

Published to the GitHub Advisory Database May 15, 2024
Reviewed May 15, 2024
Last updated May 15, 2024

Severity

High
7.0
/ 10

CVSS base metrics

Attack vector
Network
Attack complexity
High
Privileges required
None
User interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
Low
Availability
Low
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:L

Weaknesses

CVE ID

No known CVE

GHSA ID

GHSA-pgj4-g5j4-cmfx

Source code

Checking history
See something to contribute? Suggest improvements for this vulnerability.