Magento Unauthenticated RCE

Posted by Shahar Tal on Apr 23

RCE on the most popular eCommerce (/shopping cart) platform out there – we have been urging admins to patch for a while
now.
This one is as serious as it gets, auth bypass + SQLi + RFI converted to LFI. Props to our own Netanel Rubin for the
top research.
Check Point was awarded with a $20k USD bounty for this report, which we have decided to donate to charity.

Check out the complete technical analysis at…

Leave a Reply