CVE-2020-9368

7.5 HIGH

📋 TL;DR

CVE-2020-9368 is a directory traversal vulnerability in the Olea Gift On Order module for PrestaShop that allows unauthenticated attackers to read arbitrary files on the server. This affects PrestaShop e-commerce websites using vulnerable versions of the module, potentially exposing sensitive configuration files, credentials, and other server data.

💻 Affected Systems

Products:
  • Olea Gift On Order module for PrestaShop
Versions: Through version 5.0.8
Operating Systems: All operating systems running PrestaShop
Default Config Vulnerable: ⚠️ Yes
Notes: Only affects PrestaShop installations with the vulnerable Olea Gift On Order module installed.

⚠️ Risk & Real-World Impact

🔴

Worst Case

Attackers could read sensitive files like configuration files containing database credentials, API keys, or other secrets, leading to complete system compromise and data theft.

🟠

Likely Case

Attackers will read configuration files to steal database credentials and other sensitive information, potentially leading to data breaches and unauthorized access.

🟢

If Mitigated

With proper file permissions and web server hardening, impact is limited to readable files within the web server context.

🌐 Internet-Facing: HIGH - The vulnerability is exploitable by unauthenticated users over the internet via a simple HTTP request.
🏢 Internal Only: MEDIUM - Internal attackers could exploit this, but internet-facing systems are the primary concern.

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Exploitation requires only a web browser or simple HTTP client to send crafted requests to getfile.php.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Version 5.0.9 or later

Vendor Advisory: https://github.com/Intrinsec/CERT/blob/master/Advisories/CVE-2020-9368.md

Restart Required: No

Instructions:

1. Update the Olea Gift On Order module to version 5.0.9 or later.
2. Remove or disable the vulnerable module if an update is not possible.

🔧 Temporary Workarounds

Delete vulnerable file

Platform: linux

Remove the vulnerable getfile.php file from the module directory

rm modules/oleagiftonorder/getfile.php

Web server restriction

Platform: all

Block access to getfile.php via web server configuration

# For Apache 2.2: add 'Deny from all' for getfile.php in .htaccess; on Apache 2.4 the equivalent directive is 'Require all denied'
# For Nginx: add 'location ~ getfile\.php { deny all; }' to the site config

🧯 If You Can't Patch

  • Disable or uninstall the Olea Gift On Order module completely
  • Implement web application firewall rules to block directory traversal patterns in requests to getfile.php

🔍 How to Verify

Check if Vulnerable:

Check if modules/oleagiftonorder/getfile.php exists and if module version is ≤5.0.8 in PrestaShop admin panel

Check Version:

Check PrestaShop admin panel → Modules → Module Manager → Olea Gift On Order

Verify Fix Applied:

Verify module version is ≥5.0.9 in PrestaShop admin panel and test that getfile.php no longer allows directory traversal

📡 Detection & Monitoring

Log Indicators:

  • HTTP requests to getfile.php with '../' patterns in parameters
  • Unusual file access patterns from web server process

Network Indicators:

  • HTTP GET requests to /modules/oleagiftonorder/getfile.php with file parameter containing path traversal sequences

SIEM Query:

web.url:*getfile.php* AND (web.param.file:*..* OR web.param.file:*%2e%2e* OR web.param.file:*%2E%2E*)
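The log indicators above are easy to miss when the traversal sequence arrives URL-encoded or double-encoded, because a plain substring match on `../` sees only `%2e%2e%2f`. The following script is an added example (not part of this advisory or the module's code) that parses combined-format access-log lines, repeatedly URL-decodes each query parameter sent to getfile.php, and flags any parameter whose normalised value contains a `..` path component. The log lines are constructed samples; the field names in the reported hits are the script's own.

```python
import re
from urllib.parse import urlsplit, parse_qsl, unquote

# Constructed sample lines in Apache/Nginx combined log format (not real traffic).
# Lines 1-3 carry plain, URL-encoded and double-encoded traversal sequences;
# lines 4-5 are benign requests that must not be flagged.
SAMPLE_LOG = """\
203.0.113.5 - - [10/Mar/2020:12:00:01 +0000] "GET /modules/oleagiftonorder/getfile.php?file=../../../secret.conf HTTP/1.1" 200 1432 "-" "curl/7.68.0"
203.0.113.5 - - [10/Mar/2020:12:00:02 +0000] "GET /modules/oleagiftonorder/getfile.php?file=..%2F..%2F..%2Fsecret.conf HTTP/1.1" 200 1432 "-" "curl/7.68.0"
203.0.113.5 - - [10/Mar/2020:12:00:03 +0000] "GET /modules/oleagiftonorder/getfile.php?file=%252e%252e%252fsecret.conf HTTP/1.1" 200 1432 "-" "curl/7.68.0"
198.51.100.7 - - [10/Mar/2020:12:00:04 +0000] "GET /modules/oleagiftonorder/getfile.php?file=gift.pdf HTTP/1.1" 200 9811 "-" "Mozilla/5.0"
198.51.100.8 - - [10/Mar/2020:12:00:05 +0000] "GET /index.php?controller=product&id_product=12 HTTP/1.1" 200 22011 "-" "Mozilla/5.0"
"""

# Minimal combined-log parser: client IP, timestamp, method, request target, status.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<target>\S+) [^"]*" (?P<status>\d{3})'
)


def fully_decode(value, max_rounds=3):
    """URL-decode until the value stops changing, so %252e%252e (double-encoded) is unmasked."""
    for _ in range(max_rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value


def traversal_param(target):
    """Return (param_name, decoded_value) for the first traversal-bearing parameter
    in a request to getfile.php, or None if the request is clean or unrelated."""
    parts = urlsplit(target)
    if not parts.path.lower().endswith('/getfile.php'):
        return None
    # parse_qsl performs one round of decoding; fully_decode handles further layers.
    for name, value in parse_qsl(parts.query, keep_blank_values=True):
        normalised = fully_decode(value).replace('\\', '/')
        if '..' in normalised.split('/'):
            return name, normalised
    return None


def is_traversal_attempt(target):
    return traversal_param(target) is not None


def scan_log(log_text):
    """Scan log text and return one hit record per suspicious getfile.php request."""
    hits = []
    for line in log_text.splitlines():
        match = LOG_RE.match(line)
        if not match:
            continue  # skip lines that are not in combined format
        found = traversal_param(match.group('target'))
        if found:
            name, decoded = found
            hits.append({
                'ip': match.group('ip'),
                'ts': match.group('ts'),
                'status': match.group('status'),
                'param': name,
                'decoded': decoded,
            })
    return hits


if __name__ == '__main__':
    for hit in scan_log(SAMPLE_LOG):
        print(f"{hit['ts']} {hit['ip']} status={hit['status']} "
              f"{hit['param']}={hit['decoded']!r}")
```

A status of 200 on a flagged request is the strongest signal, since it indicates the file was served rather than rejected; requests flagged with 403 or 404 after the workaround is in place show the block is working. The decode loop is capped so a pathological value cannot keep the scanner busy.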
