Tuesday, July 26, 2022

Hackers Exploit PrestaShop Zero-Day to Steal Payment Information from Online Stores


Malicious actors are exploiting a previously unknown security flaw in the open source PrestaShop e-commerce platform to inject malicious skimmer code designed to steal sensitive information.

“Attackers have discovered a way to use a security vulnerability to carry out arbitrary code execution in servers running PrestaShop websites,” the company noted in an advisory published on July 22.

PrestaShop is marketed as the leading open-source e-commerce solution in Europe and Latin America, used by nearly 300,000 online merchants worldwide.


The goal of the infections is to introduce malicious code capable of stealing payment information entered by customers on checkout pages. Shops using outdated versions of the software or other vulnerable third-party modules appear to be the prime targets.

The PrestaShop maintainers also said they found a zero-day flaw in the service, which they said has been addressed in version 1.7.8.7, although they cautioned that “we cannot be sure that it is the only way for them to carry out the attack.”

“This security fix strengthens the MySQL Smarty cache storage against code injection attacks,” PrestaShop noted. “This legacy feature is maintained for backward compatibility reasons and will be removed from future PrestaShop versions.”

The issue in question is an SQL injection vulnerability affecting versions 1.6.0.10 or greater, and is being tracked as CVE-2022-36408.


Successful exploitation of the flaw could enable an attacker to submit a specially crafted request that grants the ability to execute arbitrary instructions, in this case, injecting a fake payment form on the checkout page to gather credit card information.

The development follows a wave of Magecart attacks targeting restaurant ordering platforms MenuDrive, Harbortouch, and InTouchPOS, leading to the compromise of at least 311 restaurants.


