1. Home
  2. Mapping Frameworks
  3. Known Exploited Vulnerabilities Home
  4. Adobe Commerce and Magento Open Source Improper Input Validation Vulnerability

Known Exploited Vulnerabilities CVE-2022-24086

Adobe Commerce versions 2.4.3-p1 (and earlier) and 2.3.7-p2 (and earlier) are affected by an improper input validation vulnerability during the checkout process. Exploitation of this issue does not require user interaction and could result in arbitrary code execution.

Mappings

Capability ID Capability Description Mapping Type ATT&CK ID ATT&CK Name Notes
CVE-2022-24086 Adobe Commerce and Magento Open Source Improper Input Validation Vulnerability secondary_impact T1213 Data from Information Repositories
Comments
This vulnerability can be exploited via a public-facing e-commerce application in order to achieve remote code execution. To evade detection, the exploit segment responsible for downloading and executing the remote malicious PHP code is obfuscated.
References
  1. https://www.akamai.com/blog/security-research/new-sophisticated-magento-campaign-xurum-webshell#:~:text=In%20early%202022%2C%20the%20CVE
  2. PHP%20code%20on%20susceptible%20targets.
  3. https://sansec.io/research/magento-2-cve-2022-24086
CVE-2022-24086 Adobe Commerce and Magento Open Source Improper Input Validation Vulnerability primary_impact T1027 Obfuscated Files or Information
Comments
This vulnerability can be exploited via a public-facing e-commerce application in order to achieve remote code execution. To evade detection, the exploit segment responsible for downloading and executing the remote malicious PHP code is obfuscated.
References
  1. https://www.akamai.com/blog/security-research/new-sophisticated-magento-campaign-xurum-webshell#:~:text=In%20early%202022%2C%20the%20CVE,PHP%20code%20on%20susceptible%20targets.
  2. https://sansec.io/research/magento-2-cve-2022-24086
CVE-2022-24086 Adobe Commerce and Magento Open Source Improper Input Validation Vulnerability exploitation_technique T1190 Exploit Public-Facing Application
Comments
This vulnerability can be exploited via a public-facing e-commerce application in order to achieve remote code execution. To evade detection, the exploit segment responsible for downloading and executing the remote malicious PHP code is obfuscated.
References
  1. https://www.akamai.com/blog/security-research/new-sophisticated-magento-campaign-xurum-webshell#:~:text=In%20early%202022%2C%20the%20CVE,PHP%20code%20on%20susceptible%20targets.
  2. https://sansec.io/research/magento-2-cve-2022-24086