CVE-2018-20717
HIGH
PrestaShop < 1.7.2.5 - Authenticated Remote Code Execution via Serialized Object Injection
Title source: llm
Description
In the orders section of PrestaShop before 1.7.2.5, an attack is possible after gaining access to a target store with a user role that has at least the rights of a Salesman. The attacker can then inject arbitrary PHP objects into the process and abuse an object chain in order to gain Remote Code Execution. This occurs because the protection against serialized objects looks for an O: followed by an integer, but does not consider O:+ followed by an integer.
References (2)
Core References
Exploit, Third Party Advisory x_refsource_misc
https://blog.ripstech.com/2018/prestashop-remote-code-execution/
Release Notes, Third Party Advisory x_refsource_misc
https://build.prestashop.com/news/prestashop-1-7-2-5-maintenance-release/
Scores
CVSS v3
8.8
EPSS
0.0271
EPSS Percentile
84.1%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-94
Status
published
Products (2)
prestashop/prestashop
< 1.7.2.5
prestashop/prestashop
0 - 1.7.2.5
Packagist
Published
Jan 15, 2019
Tracked Since
Feb 18, 2026