Magento wish list exploit bypasses WAF protection
Tags
| attack-pattern: | Data Malware - T1587.001 Malware - T1588.001 Server - T1583.004 Server - T1584.004 Vulnerabilities - T1588.006 |
Common Information
| Type | Value |
|---|---|
| UUID | 0d4aebc9-af3f-4a80-9f79-c7b7bfd937e3 |
| Fingerprint | cca69804edff87d5 |
| Analysis status | DONE |
| Considered CTI value | 0 |
| Text language | |
| Published | Dec. 18, 2023, midnight |
| Added to db | Aug. 31, 2024, 8:09 a.m. |
| Last updated | Nov. 2, 2024, 12:09 a.m. |
| Headline | Magento wish list exploit bypasses WAF protection |
| Title | Magento wish list exploit bypasses WAF protection |
| Detected Hints/Tags/Attributes | 33/1/19 |
Source URLs
| Redirection | Url | |
|---|---|---|
| Details | Source | https://sansec.io/research/magento-wish-list-exploits |
URL Provider
RSS Feed
| Details | Id | Enabled | Feed title | Url | Added to db |
|---|---|---|---|---|---|
| Details | 221 | ✔ | Sansec - experts in eCommerce security | https://sansec.io/atom.xml | 2024-08-30 22:08 |
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | Autonomous System Number | 2 | AS202015 |
|
| Details | Domain | 1 | aa4.in |
|
| Details | Domain | 1 | www.purplesunrise.com |
|
| Details | Domain | 1 | triconville.com |
|
| Details | File | 8 | bootstrap.php |
|
| Details | File | 6 | x.php |
|
| Details | File | 6 | env.php |
|
| Details | File | 8 | 2.js |
|
| Details | File | 31 | 404.php |
|
| Details | File | 5 | common.js |
|
| Details | File | 2 | cr.js |
|
| Details | IPv4 | 1 | 69.49.246.122 |
|
| Details | IPv4 | 1 | 79.141.160.185 |
|
| Details | Url | 1 | https://a.aa4.in/x.php?x=a1234%5c%22%20%7c%20php%22 |
|
| Details | Url | 1 | https://a.aa4.in/x.php?x=a1234 |
|
| Details | Url | 1 | http://69.49.246.122/[hash].php |
|
| Details | Url | 1 | https://www.purplesunrise.com/2.js |
|
| Details | Url | 1 | https://a.aa4.in |
|
| Details | Url | 1 | https://triconville.com/pub/errors/cr.js |