CVE-2020-26252 — Path Traversal in Magento-lts

CWE-22 — Path Traversal CWE-434 — Unrestricted File Upload2 documents2 sources

Severity

7.2HIGHNVD

CNA8.7

EPSS

1.7%

top 17.88%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Openmage Magento-lts Openmage

Timeline

PublishedJan 20

Description

OpenMage is a community-driven alternative to Magento CE. In OpenMage before versions 19.4.10 and 20.0.6, there is a vulnerability which enables remote code execution. In affected versions an administrator with permission to update product data to be able to store an executable file on the server and load it via layout xml. The latest OpenMage Versions up from 19.4.10 and 20.0.6 have this issue solved.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:HExploitability: 1.2 | Impact: 5.9

Affected Packages2 packages

▶CVEListV5openmage/magento-lts< 19.4.10+1

▶NVDopenmage/openmage20.0.0 — 20.0.6+1

Patches

Patch: github.com ↗Patch: github.com ↗

🔴Vulnerability Details

CVEList

Layout XML RCE Vulnerability in OpenMage↗2021-01-20

▶