← back
CVE-2024-21518

CVE-2024-21518

CVSS 7.2 HIGHEPSS 14.1%CWE-22CWE-29CWE-290
In short

OpenCart's marketplace installer has a flaw that lets attackers extract files from malicious archives to any location on the server, potentially overwriting important files or adding malicious code to the website.

Technical detail

A path traversal vulnerability in OpenCart 4.0.0.0+ allows attackers to craft malicious ZIP archives that bypass sanitization checks during extraction via the marketplace installer, enabling arbitrary file creation and overwriting in the web root. The attacker must be able to upload or trigger installation of a malicious marketplace extension. Impact includes code execution through file placement in web-accessible directories.

Summary generated and translated by AI from the official description.
This affects versions of the package opencart/opencart from 4.0.0.0. A Zip Slip issue was identified via the marketplace installer due to improper sanitization of the target path, allowing files within a malicious archive to traverse the filesystem and be extracted to arbitrary locations. An attacker can create arbitrary files in the web root of the application and overwrite other existing files by exploiting this vulnerability.
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P
Affected products
n/a · opencart/opencart

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://github.com/opencart/opencart/blob/04c1724370ab02967d3b4f668c1b67771ecf1ff4/upload/admin/controller/marketplace/installer.php%23L383C1-L383C1https://security.snyk.io/vuln/SNYK-PHP-OPENCARTOPENCART-7266578