CVE-2024-48445
Published 2025-02-04
CVE-2024-48445: An issue in compop.ca ONLINE MALL v.3.5.3 allows a remote attacker to execute arbitrary code via the rid, tid, et, and ts parameters.
Priority P262 · critical · 9.8 CVSS 3.1
CVSS vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EXPLOIT
EPSS: 1.82% (76.1th percentile)
Detection & IOCs (extracted from sources)
- Monitor HTTP requests targeting compop.ca/compop.vip endpoints containing the parameters 'rid', 'tid', 'et', and 'ts' simultaneously, which are the parameters abused for arbitrary code execution.
- Flag requests where the 'ts' URL parameter is being manipulated/replayed with arbitrary Unix timestamp values, indicating authentication bypass attempts against the restaurant management system.
- Use the Google dork 'Terms of Use inurl:compop.vip' to identify exposed vulnerable instances of compop.ca ONLINE MALL v3.5.3.
- The vulnerability is specific to version 3.5.3 of compop.ca ONLINE MALL; other versions are not confirmed affected.
- The exploit requires the attacker to first identify a vulnerable restaurant instance before manipulating the 'ts' parameter; exploitation is not fully automated from the provided details.
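The first two detection notes above can be run as a log check. This is an added example, not code from the advisory or the vendor. It assumes the affected site's own access log in combined format, a `ts` value in Unix seconds compared against the server's logged request time, a 300-second tolerance, and a hypothetical `/order` path; the reuse-by-another-client heuristic is also an assumption.

```python
import re
from datetime import datetime
from urllib.parse import urlsplit, parse_qs

REQUIRED = {"rid", "tid", "et", "ts"}   # parameters named in the advisory
MAX_SKEW = 300                           # seconds; assumed tolerance, tune per site

LINE_RE = re.compile(
    r'(?P<ip>\S+) \S+ \S+ \[(?P<when>[^\]]+)\] "(?P<method>\S+) (?P<target>\S+) [^"]*"'
)

# Constructed sample lines (documentation IPs, hypothetical path and values).
SAMPLE_LOG = """\
198.51.100.7 - - [04/Feb/2025:12:00:05 +0000] "GET /order?rid=12&tid=3&et=1&ts=1738670400 HTTP/1.1" 200 512
203.0.113.9 - - [04/Feb/2025:12:10:00 +0000] "GET /order?rid=12&tid=3&et=1&ts=1738670400 HTTP/1.1" 200 512
203.0.113.9 - - [04/Feb/2025:12:10:02 +0000] "GET /order?rid=12&tid=4&et=1&ts=1600000000 HTTP/1.1" 200 512
198.51.100.7 - - [04/Feb/2025:12:11:00 +0000] "GET /menu?rid=12 HTTP/1.1" 200 900
"""

def scan(log_text, max_skew=MAX_SKEW):
    """Return (line number, client IP, reasons) for suspicious requests."""
    findings, seen = [], {}
    for lineno, line in enumerate(log_text.splitlines(), 1):
        m = LINE_RE.match(line)
        if not m:
            continue
        params = parse_qs(urlsplit(m["target"]).query, keep_blank_values=True)
        if not REQUIRED <= params.keys():
            continue                      # only requests carrying all four parameters
        reasons = []
        ts_raw = params["ts"][0]
        logged = datetime.strptime(m["when"], "%d/%b/%Y:%H:%M:%S %z").timestamp()
        if not re.fullmatch(r"[0-9]{1,12}", ts_raw):
            reasons.append("ts-not-numeric")
        elif abs(logged - int(ts_raw)) > max_skew:
            reasons.append("ts-skew")     # ts does not match the time of the request
        # The same parameter tuple arriving from a second client suggests replay.
        key = tuple(params[p][0] for p in sorted(REQUIRED))
        if seen.setdefault(key, m["ip"]) != m["ip"]:
            reasons.append("ts-reused-by-other-client")
        if reasons:
            findings.append((lineno, m["ip"], reasons))
    return findings

if __name__ == "__main__":
    for finding in scan(SAMPLE_LOG):
        print(finding)
```

Legitimate shared links can also trip the reuse check, so treat findings as triage leads and correlate with what the request did next.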
CWE
CWE-341: Predictable from Observable State (source: mitre_cwe)
A number or object is predictable based on observations that the attacker can make about the state of the system or network, such as time, process ID, etc.
Modes of Introduction:
Phase: Architecture and Design
Phase: Implementation
Note: REALIZATION: This weakness is caused during implementation of an architectural security tactic.
Common Consequences:
Scope: Other. Impact: Varies by Context. This weakness could be exploited by an attacker in a number of ways depending on the context. If a predictable number is used to generate IDs or keys that are used within protection mechanisms, then an attacker could gain unauthorized access to the system. If predictable filenames are used for storing sensitive information, then an attacker might gain access
CWE
CWE-1390: Weak Authentication (source: mitre_cwe · CVSS 7.5, HIGH)
The product uses an authentication mechanism to restrict access to specific users or identities, but the mechanism does not sufficiently prove that the claimed identity is correct.
Attackers may be able to bypass weak authentication faster and/or with less effort than expected.
Modes of Introduction:
Phase: Architecture and Design
Phase: Implementation
Common Consequences:
Scope: Integrity, Confidentiality, Availability, Access Control. Impact: Read Application Data, Gain Privileges or Assume Identity, Execute Unauthorized Code or Commands. This weakness can lead to the exposure of resources or functionality to unintended actors, possibly providing attackers with sensitive information or even allowing them to execute arbitrary code.
Examples:
In 2022, the OT:ICEFALL study