CVE-2016-4010
CVE-2016-4010
Vexday Risk Score
60Attention
SSVC decision (CISA)
Attend
PoC available → attend closely
Exploit maturity
Functional exploit
Popular PoC on GitHub (6 stars) — exploitation code widely available.
CVSS —EPSS 92.9%KEV nãoPoC públicaNuclei —Metasploit simPatch —
Lifecycle
17 May 2016Metasploit module available
18 May 2016Public PoC
23 Jan 2017Published on NVD
Recommendation: Plan a near-term fix — a public PoC already exists.
Magento CE and EE before 2.0.6 allows remote attackers to conduct PHP objection injection attacks and execute arbitrary PHP code via crafted serialized shopping cart data.
Affected products
n/a · n/apublic PoCs found — 6
githubgithub.com/brianwrf/Magento-CVE-2016-4010★ 6githubgithub.com/shadofren/CVE-2016-4010★ 2cve_referencepacketstormsecurity.com/files/137312/Magento-2.0.6-Unserialize-Remote-Code-Execution.htmlunverifiedcve_referencewww.exploit-db.com/exploits/39838/unverifiedexploitdbwww.exploit-db.com/exploits/39838unverifiedcve_referencepacketstormsecurity.com/files/137121/Magento-Unauthenticated-Arbitrary-File-Write.htmlunverified⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.
References
http://netanelrub.in/2016/05/17/magento-unauthenticated-remote-code-execution/https://magento.com/security/patches/magento-206-security-updatehttps://packetstormsecurity.com/files/137121/Magento-Unauthenticated-Arbitrary-File-Write.htmlhttps://packetstormsecurity.com/files/137312/Magento-2.0.6-Unserialize-Remote-Code-Execution.htmlhttps://www.exploit-db.com/exploits/39838/