Magento PolyShell Flaw Enables Unauthenticated Uploads, RCE and Account Takeover

Overview

Sansec is warning of a critical security flaw in Magento's REST API that could allow unauthenticated attackers to upload arbitrary executables and achieve code execution and account takeover. The vulnerability has been codenamed PolyShell by Sansec owing to the fact that the attack hinges on disguising malicious code as an image. There is no evidence that the shortcoming has been exploited in

Organisations Involved

The following organisations are mentioned in relation to this incident: Account Takeover
Sansec, Flaw Enables Unauthenticated Uploads.

Multi-Source Coverage

This event has been reported across multiple outlets:

• Magento PolyShell Flaw Enables Unauthenticated Uploads, RCE and Account Takeover — thehackernews

Sources: thehackernews. Aggregated by Cybernews Agency pipeline.