cbcvebase.
CVE-2024-48445
published 2025-02-04

CVE-2024-48445: An issue in compop.ca ONLINE MALL v.3.5.3 allows a remote attacker to execute arbitrary code via the rid, tid, et, and ts parameters.

PriorityP262critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
EXPLOIT
EPSS
1.82%
76.1th percentile
An issue in compop.ca ONLINE MALL v.3.5.3 allows a remote attacker to execute arbitrary code via the rid, tid, et, and ts parameters.

Detection & IOCsextracted from sources · hover to see the quote

urlinurl:compop.vip
otherts (Unix timestamp URL parameter)
  • Monitor HTTP requests targeting compop.ca/compop.vip endpoints containing the parameters 'rid', 'tid', 'et', and 'ts' simultaneously, which are the parameters abused for arbitrary code execution.
  • Flag requests where the 'ts' URL parameter is being manipulated/replayed with arbitrary Unix timestamp values, indicating authentication bypass attempts against the restaurant management system.
  • Use the Google dork 'Terms of Use inurl:compop.vip' to identify exposed vulnerable instances of compop.ca ONLINE MALL v3.5.3.
  • ·The vulnerability is specific to version 3.5.3 of compop.ca ONLINE MALL; other versions are not confirmed affected.
  • ·The exploit requires the attacker to first identify a vulnerable restaurant instance before manipulating the 'ts' parameter; exploitation is not fully automated from the provided details.
CVEs like this are exactly what “Exploited This Week” covers.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.