CVE-2023-30199

7.5 HIGH

📋 TL;DR

A path traversal in PrestaShop's customexporter module lets a remote attacker read files outside the module's download directory through the downloads/download.php endpoint, including PrestaShop's own configuration. No authentication is required. It affects every PrestaShop installation with customexporter 1.7.20 or earlier installed; version 1.7.21 fixes it.

💻 Affected Systems

Products:
  • PrestaShop customexporter module
Versions: <= 1.7.20
Operating Systems: All operating systems running PrestaShop
Default Config Vulnerable: ⚠️ Yes
Notes: Affects all PrestaShop installations with the customexporter module installed. The module is an add-on, not part of PrestaShop core, so a shop is only exposed if the module has been installed; the PrestaShop version itself is not the deciding factor.

📦 What is this software?

PrestaShop is an open-source e-commerce platform written in PHP. customexporter is an add-on module installed under modules/customexporter/; its downloads/download.php script hands generated export files to the browser, and that file-serving code is where the traversal lies.

⚠️ Risk & Real-World Impact

🔴

Worst Case

Disclosure of any file the web server user can read, including PrestaShop's configuration file (app/config/parameters.php on 1.7, config/settings.inc.php on 1.6) with database credentials and the cookie encryption key, plus any customer or order export files sitting in the downloads directory. With the database credentials an attacker who can reach the database server has full access to customer, order and staff data, and the shop should be treated as fully compromised.

🟠

Likely Case

Unauthenticated download of configuration files and previously generated export files, leaking customer data and, in most deployments, working database credentials.

🟢

If Mitigated

Little to no impact once the module is updated to 1.7.21 or the endpoint is blocked at the web server. Note that file permissions alone do not help here: download.php runs as the web server user, which must already be able to read parameters.php for the shop to work, and network segmentation only limits what an attacker can do with the leaked credentials, not the leak itself.

🌐 Internet-Facing: HIGH - The vulnerable endpoint sits under the public modules/ path and is reachable by anyone who can load the shop, so it is remotely exploitable without any account.
🏢 Internal Only: MEDIUM - An attacker on the internal network can read the same files. The bug itself grants no higher privileges, but the database credentials it leaks usually do.

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Exploitation is a single unauthenticated HTTP GET to the vulnerable endpoint with a path-traversal sequence (../, possibly URL-encoded) in the requested file name. No session, token or prior interaction with the shop is needed.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 1.7.21 or later

Vendor Advisory: https://friends-of-presta.github.io/security-advisories/modules/2023/05/16/customexporter.html

Restart Required: No

Instructions:

1. Update the customexporter module to version 1.7.21 or later via the PrestaShop admin panel (Modules > Module Manager).
2. Alternatively, download the latest version from the official repository and install it manually.
3. Clear the PrestaShop cache after the update.

🔧 Temporary Workarounds

Disable customexporter module

all

Temporarily disable the vulnerable module until patching is possible.

Navigate to PrestaShop admin panel > Modules > Module Manager > Find customexporter > Disable

Disabling a module in the back office does not remove its files from modules/customexporter/. A standalone script such as downloads/download.php is still executed by the web server if requested directly, and whether it refuses to serve files while the module is disabled depends on the script itself. After disabling, request the endpoint once and confirm it no longer returns file content; if it does, use the web server block below as well.

Block vulnerable endpoint via web server

linux

Add web server rules to return 403 for the vulnerable download.php file. This also blocks legitimate export downloads through the module, so expect that feature to stop working until the patch is applied.

For Apache: add 'RewriteRule ^modules/customexporter/downloads/download\.php - [F,L]' to the document-root .htaccess (RewriteEngine On must already be in effect, which PrestaShop's generated .htaccess provides; place the rule before PrestaShop's own rewrites). Note that PrestaShop regenerates .htaccess from the back office, which will drop a manually added rule.
For Nginx: add 'location ~ ^/modules/customexporter/downloads/download\.php { deny all; }' to the server block. Regex locations are matched in order of appearance and the first match wins, so this block must appear before the generic '~ \.php$' location that passes scripts to PHP-FPM, otherwise the script still runs.

🧯 If You Can't Patch

  • Move or delete stale export files from modules/customexporter/downloads/ so there is less customer data to disclose; tightening permissions on configuration files does not help because the web server user must be able to read them.
  • Deploy a web application firewall (WAF) with rules that block directory traversal attempts to the endpoint, including URL-encoded (%2e%2e%2f) and double-encoded (%252e%252e%252f) forms and backslash variants, not just the literal ../ string.
  • Rotate the database password and the cookie key in parameters.php if there is any sign the endpoint was hit before blocking, since the credentials must be assumed leaked.

🔍 How to Verify

Check if Vulnerable:

Check the customexporter module version in the PrestaShop admin panel under Modules > Module Manager. Any version up to and including 1.7.20 is vulnerable. On disk, the installed version is recorded in the <version> element of modules/customexporter/config.xml and in the $this->version assignment in modules/customexporter/customexporter.php.

Check Version:

From the database: SELECT name, version, active FROM ps_module WHERE name = 'customexporter'; (substitute your table prefix if it is not the default ps_). From the shell: grep -m1 '<version>' modules/customexporter/config.xml. Compare versions numerically, not as strings: '1.7.3' sorts after '1.7.21' as text but is older.

Verify Fix Applied:

Confirm the module version is 1.7.21 or later in both the Module Manager and config.xml (a manual file copy can leave the two out of sync). Then request download.php with a traversal sequence in the file name and check that the response carries no file content: a 403 or an error page is expected, a 200 with the contents of a configuration file means the fix is not in effect.
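The version comparison above is easy to get wrong by hand (string ordering puts 1.7.3 after 1.7.21). The following is an added example, not code from the advisory or from the customexporter module: it reads the <version> element out of a module config.xml and decides whether the install is inside the affected range using numeric comparison. The config.xml text is a constructed sample that mirrors the element layout PrestaShop writes for installed modules; the element names assumed are <module>, <name> and <version>.

```python
# Added example (not part of the advisory or the customexporter module):
# decide whether an installed customexporter version is affected (<= 1.7.20)
# using numeric version comparison, reading the version from config.xml.
import re
import xml.etree.ElementTree as ET

FIXED_VERSION = (1, 7, 21)  # first fixed release per the vendor advisory


def parse_version(version: str) -> tuple:
    """Turn '1.7.20' into (1, 7, 20); stop at the first non-numeric piece
    so a tag like '1.7.21-rc1' still compares as 1.7.21."""
    parts = []
    for piece in version.strip().split("."):
        m = re.match(r"\d+", piece)
        if not m:
            break
        parts.append(int(m.group()))
    if not parts:
        raise ValueError(f"unparseable version: {version!r}")
    return tuple(parts)


def is_vulnerable(version: str) -> bool:
    """True when the module is older than the first fixed release."""
    return parse_version(version) < FIXED_VERSION


def version_from_config_xml(xml_text: str) -> str:
    """Extract <version> from a PrestaShop module config.xml.
    The value is normally CDATA-wrapped; ElementTree unwraps it."""
    root = ET.fromstring(xml_text)
    node = root.find("version")
    if node is None or not node.text:
        raise ValueError("no <version> element in config.xml")
    return node.text.strip()


# Constructed sample; element layout assumed from PrestaShop module config.xml files.
SAMPLE_CONFIG_XML = """<?xml version="1.0" encoding="UTF-8" ?>
<module>
    <name>customexporter</name>
    <version><![CDATA[1.7.20]]></version>
    <is_configurable>1</is_configurable>
</module>
"""


def check_config_xml(xml_text: str) -> dict:
    """Return the installed version and the verdict for one config.xml."""
    version = version_from_config_xml(xml_text)
    return {"version": version, "vulnerable": is_vulnerable(version)}


if __name__ == "__main__":
    print(check_config_xml(SAMPLE_CONFIG_XML))
    for v in ("1.7.3", "1.7.20", "1.7.21", "1.8.0"):
        print(v, "VULNERABLE" if is_vulnerable(v) else "fixed")
```

Point it at the real file with `check_config_xml(open("modules/customexporter/config.xml").read())`; cross-check the result against the ps_module row, since a hand-copied module update can leave one of the two stale.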

📡 Detection & Monitoring

Log Indicators:

  • HTTP requests to /modules/customexporter/downloads/download.php whose query string contains ../ or its encoded forms (%2e%2e%2f, %252e%252e%252f, ..%5c)
  • download.php responses with status 200 whose size matches a configuration file rather than an export (parameters.php is a few kilobytes) or that are served to a client that has never loaded the shop front office
  • Repeated download.php requests from one client with varying file names, which indicates probing for readable paths

Network Indicators:

  • HTTP GET requests containing directory traversal sequences (../, ..\ and their percent-encoded forms) to the vulnerable endpoint
  • Connections to the database port from hosts other than the web servers after a successful download.php request, which would indicate use of leaked credentials

SIEM Query:

source="web_server_logs" AND url="/modules/customexporter/downloads/download.php*" AND (url="*../*" OR url="*..\*" OR url="*%2e%2e*" OR url="*%2E%2E*" OR url="*%252e%252e*")

The path term must use a trailing wildcard: an exact match on the script path can never also contain ../, so the original form of this query matched nothing. Match the decoded URL as well if your SIEM normalizes it, since some platforms store the raw request line and others the decoded path.
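The SIEM pattern above catches the common encodings but still works on raw strings. The following is an added example, not from the advisory or the module, that applies the same idea to raw web server log lines in combined format: it percent-decodes the query repeatedly (so double encoding collapses), folds backslashes, and then checks whether each parameter value would resolve outside the download directory instead of looking for a literal ../. Because the advisory page does not name the query parameter that carries the file name, the detector inspects every parameter; the parameter name "file", the base directory and the log lines themselves are constructed for the example.

```python
# Added example (not from the advisory or the customexporter module): flag
# combined-format log lines that hit download.php with a value that escapes
# the download directory, including URL-encoded and double-encoded forms.
import posixpath
import re
from urllib.parse import unquote, urlsplit

TARGET = "/modules/customexporter/downloads/download.php"
# Assumed on-disk directory the script serves from; only used to decide whether
# a value steps outside it, so the exact prefix does not matter for detection.
BASE_DIR = "/var/www/prestashop/modules/customexporter/downloads"

# Apache/Nginx combined format: ip ident user [time] "METHOD target PROTO" status size ...
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) '
)


def fully_decode(value: str, rounds: int = 3) -> str:
    """Percent-decode until stable so %252e%252e%252f also becomes ../."""
    for _ in range(rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value


def escapes_base(value: str, base: str = BASE_DIR) -> bool:
    """True if the decoded value resolves outside the download directory.
    Absolute paths escape too: posixpath.join discards the base for them."""
    cleaned = fully_decode(value).replace("\\", "/")
    resolved = posixpath.normpath(posixpath.join(base, cleaned))
    return resolved != base and not resolved.startswith(base + "/")


def analyze_line(line: str):
    """Return an alert dict for a traversal attempt against download.php, else None."""
    m = LOG_RE.match(line)
    if not m:
        return None
    url = urlsplit(m.group("target"))
    if fully_decode(url.path).rstrip("/") != TARGET:
        return None  # the path itself may be encoded, so compare decoded
    bad_params = []
    for pair in url.query.split("&"):
        if not pair:
            continue
        key, _, val = pair.partition("=")
        if escapes_base(val):
            bad_params.append(key)
    if not bad_params:
        return None
    return {
        "ip": m.group("ip"),
        "time": m.group("time"),
        "status": int(m.group("status")),  # 403s are still attempts worth seeing
        "params": bad_params,
        "decoded_query": fully_decode(url.query),
    }


def scan(log_text: str) -> list:
    """Run analyze_line over a log excerpt and keep only the alerts."""
    return [a for a in (analyze_line(l) for l in log_text.splitlines()) if a]


# Constructed sample log lines (addresses from documentation ranges).
SAMPLE_LOG = """\
203.0.113.5 - - [16/May/2023:10:01:02 +0000] "GET /modules/customexporter/downloads/download.php?file=export_42.csv HTTP/1.1" 200 8841 "-" "Mozilla/5.0"
203.0.113.9 - - [16/May/2023:10:01:07 +0000] "GET /modules/customexporter/downloads/download.php?file=../../../app/config/parameters.php HTTP/1.1" 200 2210 "-" "curl/7.88.1"
198.51.100.7 - - [16/May/2023:10:01:09 +0000] "GET /modules/customexporter/downloads/download.php?file=..%252f..%252f..%252fapp%252fconfig%252fparameters.php HTTP/1.1" 200 2210 "-" "python-requests/2.28"
198.51.100.7 - - [16/May/2023:10:01:11 +0000] "GET /index.php?controller=product&id_product=../../etc/passwd HTTP/1.1" 404 512 "-" "python-requests/2.28"
203.0.113.5 - - [16/May/2023:10:02:00 +0000] "GET /modules/customexporter/downloads/download.php?file=..\\..\\app\\config\\parameters.php HTTP/1.1" 403 199 "-" "curl/7.88.1"
"""

if __name__ == "__main__":
    for alert in scan(SAMPLE_LOG):
        print(alert)
```

Of the five constructed lines, the first is a legitimate export download and the fourth is traversal against a different script, so neither is reported; the other three are flagged regardless of whether the server answered 200 or 403, since a blocked attempt is still the signal you want to triage. Feed real access logs through `scan()` line by line and key the output on the ip field for blocking decisions.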
