CVE-2018-19355 in Customer Files Upload Addon

Summary

by MITRE

modules/orderfiles/ajax/upload.php in the Customer Files Upload addon 2018-08-01 for PrestaShop (1.5 through 1.7) allows remote attackers to execute arbitrary code by uploading a php file via modules/orderfiles/upload.php with auptype equal to product (for upload destinations under modules/productfiles), order (for upload destinations under modules/files), or cart (for upload destinations under modules/cartfiles).


Analysis

by VulDB Data Team • 04/14/2020

This vulnerability exists in the Customer Files Upload addon for PrestaShop versions 1.5 through 1.7, specifically in the modules/orderfiles/ajax/upload.php endpoint. The flaw stems from inadequate input validation and file type checking, which lets remote attackers bypass the intended restrictions and execute arbitrary code through malicious file uploads. It is particularly dangerous because it operates through a legitimate upload interface designed for customer file management, which makes it hard to spot with standard security monitoring. Attackers exploit it by uploading a PHP file with parameters that direct the upload to a predetermined directory under modules/productfiles, modules/files, or modules/cartfiles, depending on the value of the auptype parameter.

Technically, the vulnerability is a missing file extension check combined with no verification of the uploaded content. When the endpoint processes an upload request with auptype set to product, order, or cart, it neither sanitizes the file extension nor verifies the actual content type of the uploaded file. Attackers can therefore upload PHP files that the web server will execute, potentially leading to complete system compromise. The weakness corresponds to CWE-434, which covers applications that accept file uploads without proper validation of file type or content. The attack vector is especially concerning because it relies on functionality that should be restricted to authorized users but instead provides an unrestricted upload path for malicious actors.

The operational impact of this vulnerability is severe and multifaceted, potentially allowing attackers to gain full control over affected PrestaShop installations. Successful exploitation could result in data breaches, unauthorized access to customer information, modification of product catalogs, and potential use as a foothold for further attacks within the network. The vulnerability affects a wide range of PrestaShop versions, making it particularly dangerous as many e-commerce platforms continue to operate on older versions due to compatibility concerns or delayed updates. From an ATT&CK framework perspective, this vulnerability maps to T1190 (Exploit Public-Facing Application) and T1059 (Command and Scripting Interpreter) as attackers can leverage the upload capability to execute malicious code and establish persistent access. The impact extends beyond immediate code execution to include potential privilege escalation and lateral movement within the compromised environment.

Mitigation strategies should focus on immediate patching of the affected PrestaShop versions, implementing strict file type validation, and restricting upload directories to prevent execution of uploaded files. Organizations should deploy web application firewalls to monitor and block suspicious upload patterns, implement proper file extension filtering, and ensure that uploaded files are stored outside the web root directory. Regular security audits and penetration testing should be conducted to identify similar vulnerabilities in other components. The remediation process must include thorough validation of all file uploads, implementation of content type checking, and establishment of proper access controls for upload endpoints. Additionally, organizations should consider implementing automated patch management systems to ensure timely updates of all third-party components and plugins, as this vulnerability demonstrates the critical importance of maintaining up-to-date software to prevent exploitation of known security flaws.
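As an added example of the monitoring the paragraph above calls for (not code from the VulDB entry or from the addon), the following Python scans web server access logs for the two observable stages of this issue: a POST to either upload endpoint named in the advisory, and a later request for a PHP script under one of the three destination directories. It assumes Apache combined log format; the log lines, client addresses and file names are constructed for the example.

```python
import re
from collections import defaultdict

# Constructed sample access-log lines (Apache combined format). The client
# addresses and file names are made up for this example.
SAMPLE_LOG = """\
203.0.113.7 - - [18/Nov/2018:10:00:01 +0000] "POST /modules/orderfiles/upload.php?auptype=product HTTP/1.1" 200 47 "-" "curl/7.61.0"
203.0.113.7 - - [18/Nov/2018:10:00:03 +0000] "GET /modules/productfiles/uploaded.php HTTP/1.1" 200 112 "-" "curl/7.61.0"
198.51.100.4 - - [18/Nov/2018:10:01:10 +0000] "POST /modules/orderfiles/ajax/upload.php HTTP/1.1" 200 47 "-" "Mozilla/5.0"
198.51.100.4 - - [18/Nov/2018:10:01:12 +0000] "GET /modules/files/invoice-1234.pdf HTTP/1.1" 200 8201 "-" "Mozilla/5.0"
192.0.2.9 - - [18/Nov/2018:10:02:00 +0000] "GET /modules/cartfiles/x.php HTTP/1.1" 404 196 "-" "Mozilla/5.0"
"""

LOG_RE = re.compile(r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3})')
# Both upload endpoints named in the advisory (with and without the ajax/ segment).
UPLOAD_RE = re.compile(r'^/modules/orderfiles/(?:ajax/)?upload\.php$')
# Destination directories for auptype=product, order and cart respectively.
DEST_DIRS = ("/modules/productfiles/", "/modules/files/", "/modules/cartfiles/")
# Extensions a typical PHP handler configuration would execute.
SCRIPT_EXT = re.compile(r'\.(?:php\d?|phtml|phar)$', re.IGNORECASE)


def classify(line):
    """Map one log line to (ip, event) or None if it is not of interest."""
    m = LOG_RE.match(line)
    if not m:
        return None
    path = m["target"].split("?", 1)[0]
    if m["method"] == "POST" and UPLOAD_RE.match(path):
        return m["ip"], "upload"
    if path.startswith(DEST_DIRS) and SCRIPT_EXT.search(path):
        # A 2xx means the server actually served (executed) a script from an
        # upload directory; any other status is only a probe for such a file.
        return m["ip"], "script_exec" if m["status"].startswith("2") else "probe"
    return None


def detect(log_text):
    """Return {ip: severity}: 'high' when a script under an upload directory was
    served, 'medium' for probes, 'info' for plain uploads to the endpoint."""
    events = defaultdict(set)
    for line in log_text.splitlines():
        hit = classify(line)
        if hit:
            events[hit[0]].add(hit[1])
    rank = {"script_exec": "high", "probe": "medium", "upload": "info"}
    return {ip: rank[next(k for k in rank if k in kinds)] for ip, kinds in events.items()}


if __name__ == "__main__":
    for ip, severity in detect(SAMPLE_LOG).items():
        print(f"{severity:6} {ip}")
```

Uploads to the endpoint are legitimate customer activity on an unpatched shop, so the "info" events are only context; the "high" correlation (upload followed by a served script from a destination directory) is the one to alert on.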

Reservation

11/18/2018

Disclosure

11/18/2018

Moderation

accepted

CPE

ready

EPSS

0.10528

KEV

no

Activities

very low
