CVE-2023-36644

7.5 HIGH

📋 TL;DR

Incorrect access control in the printmail plugin of ITB-GmbH TradePro v9.5 lets a remote attacker, without logging in, retrieve order confirmations from the online shop, including confirmations belonging to other customers. Any organization running the vulnerable version with the printmail plugin enabled is affected, and whatever customer and order data those confirmations contain is exposed.

💻 Affected Systems

Products:
  • ITB-GmbH TradePro
Versions: v9.5
Operating Systems: Any OS running TradePro
Default Config Vulnerable: ⚠️ Yes (when the printmail plugin is enabled)
Notes: Requires the printmail plugin to be installed and enabled; shops without the plugin are not reachable through this flaw.

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴 Worst Case

Attackers enumerate and exfiltrate every order confirmation in the shop. Depending on what the confirmations contain, that can include customer names, postal addresses, order contents, transaction history and, if the shop prints them, partial payment details, leading to a reportable data breach, regulatory fines and reputational damage.

🟠 Likely Case

Unauthorized reading of order confirmations containing customer names, addresses and order details, possibly with partial payment information. The flaw as described is read-only: no modification or deletion of orders.

🟢 If Mitigated

With the printmail plugin disabled or its endpoints restricted to authenticated users and trusted networks, the confirmations are no longer reachable without a session and the exposure is closed; the residual risk is limited to users who are already authorized to view order data.

🌐 Internet-Facing: HIGH - The vulnerability affects the online shop component which is typically internet-facing, allowing remote exploitation.
🏢 Internal Only: MEDIUM - If the system is only accessible internally, risk is reduced but still present from internal threats.

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Public proof-of-concept code is available on GitHub, making exploitation straightforward for attackers.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Unknown

Vendor Advisory: Unknown

Restart Required: No

Instructions:

Check with ITB-GmbH for official patch or upgrade guidance. No official patch information is currently available.

🔧 Temporary Workarounds

Disable printmail plugin (all platforms)

Remove or disable the vulnerable printmail plugin to prevent exploitation. Check the TradePro documentation for plugin management commands.

Network access restrictions (all platforms)

Restrict access to the TradePro application to authorized users only. Configure firewall rules to limit access to the TradePro server, and in particular to the printmail plugin's endpoints.

🧯 If You Can't Patch

  • Implement strict network segmentation to isolate TradePro from untrusted networks
  • Deploy web application firewall (WAF) with rules to detect and block exploitation attempts

🔍 How to Verify

Check if Vulnerable:

Check if TradePro v9.5 is installed with printmail plugin enabled. Review application logs for unauthorized access attempts to order confirmation endpoints.

Check Version:

Check TradePro administration panel or configuration files for version information

Verify Fix Applied:

Test that order confirmations are no longer accessible without proper authentication. Verify plugin is disabled or removed.

📡 Detection & Monitoring

Log Indicators:

  • Unauthorized access attempts to printmail plugin endpoints
  • Multiple order confirmation requests from single IP
  • Access to order data from unexpected locations

Network Indicators:

  • HTTP requests to printmail plugin endpoints without authentication
  • Unusual traffic patterns to order confirmation URLs

SIEM Query:

source="tradepro_logs" AND (uri="*printmail*" OR uri="*order*confirmation*") AND status="200" AND (user="-" OR NOT user=*)

The uri patterns and the user field are placeholders: substitute the endpoint paths and the session or user field names your TradePro front end actually logs. A 200 response to a printmail URL with no authenticated user is the event of interest; 302 redirects to the login page are expected once access control is in place.
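The log indicators and the SIEM query above, as a runnable added example (not code from this page's source or from ITB-GmbH): it parses Combined Log Format lines, flags 2xx responses to printmail or order-confirmation URIs that carry no logged user, and counts per-IP volume so a scripted enumeration stands out. The URI markers, the per-IP threshold, the field layout and the sample log lines are all assumptions; adjust the markers to the paths your TradePro install actually serves.

```python
"""Flag unauthenticated hits on printmail / order-confirmation URLs in a
TradePro front-end access log.

Added example, not vendor code. Assumes the web server in front of TradePro
writes one Combined Log Format line per request and that the logged-in user
(if any) appears in the remote-user field. The URI markers are assumptions
derived from the indicator list above, not known TradePro paths.
"""
import re
from collections import Counter

# Combined Log Format:
# ip ident user [time] "METHOD URI PROTO" status size "referer" "user-agent"
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ (?P<user>\S+) \[(?P<time>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<uri>\S+) [^"]*" (?P<status>\d{3}) (?P<size>\S+)'
)

# Substrings that mark printmail / order-confirmation traffic (assumed; tune per install)
SUSPECT_URI_MARKERS = ("printmail", "confirmation")
# How many unauthenticated confirmation hits from one IP count as enumeration (tuning knob)
REQUESTS_PER_IP_THRESHOLD = 5


def parse_line(line):
    """Return the fields of one access-log line, or None if it does not parse."""
    m = LOG_RE.match(line)
    return m.groupdict() if m else None


def is_unauthenticated_confirmation_hit(rec):
    """True for a successful (2xx) request to a suspect URI with no logged user.

    Redirects to the login page (3xx) and 401/403 are what a fixed or
    restricted install produces, so only 2xx responses are counted.
    """
    if rec is None:
        return False
    uri = rec["uri"].lower()
    if not any(marker in uri for marker in SUSPECT_URI_MARKERS):
        return False
    if not rec["status"].startswith("2"):
        return False
    return rec["user"] in ("-", "")


def analyse(lines):
    """Return (hits, noisy_ips).

    hits      -- parsed records that are unauthenticated confirmation hits
    noisy_ips -- {ip: count} for IPs at or above REQUESTS_PER_IP_THRESHOLD
    """
    hits = [r for r in map(parse_line, lines) if is_unauthenticated_confirmation_hit(r)]
    per_ip = Counter(r["ip"] for r in hits)
    noisy = {ip: n for ip, n in per_ip.items() if n >= REQUESTS_PER_IP_THRESHOLD}
    return hits, noisy


# Constructed sample traffic, not real TradePro logs.
SAMPLE_LOG = [
    # logged-in customer viewing their own confirmation: not flagged
    '10.0.0.8 - alice [12/Jul/2023:09:14:02 +0000] "GET /shop/printmail/order?id=1000 HTTP/1.1" 200 5321 "-" "Mozilla/5.0"',
    # anonymous request bounced to login: what a fixed install does, not flagged
    '198.51.100.7 - - [12/Jul/2023:09:15:11 +0000] "GET /shop/printmail/order?id=1001 HTTP/1.1" 302 0 "-" "curl/8.1"',
    # anonymous request to an unrelated page: not flagged
    '198.51.100.7 - - [12/Jul/2023:09:15:12 +0000] "GET /shop/index.php HTTP/1.1" 200 8812 "-" "curl/8.1"',
    # a line the regex cannot parse: ignored
    'garbage that is not an access-log line',
]
# one client walking consecutive order ids without a session: every line is a hit
SAMPLE_LOG += [
    f'203.0.113.5 - - [12/Jul/2023:09:20:{sec:02d} +0000] '
    f'"GET /shop/printmail/order?id={1000 + i} HTTP/1.1" 200 5300 "-" "python-requests/2.31"'
    for i, sec in enumerate(range(30, 36))
]

if __name__ == "__main__":
    hits, noisy = analyse(SAMPLE_LOG)
    for r in hits:
        print(f"{r['time']} {r['ip']} {r['method']} {r['uri']} -> {r['status']} (no user)")
    for ip, n in noisy.items():
        print(f"ALERT possible order-confirmation enumeration from {ip}: {n} hits")
```

Feed real lines with `analyse(open(path))`; a handful of hits from one IP over a short window is the signature to alert on, while a single unauthenticated 200 may just be a customer following an e-mailed link and deserves a look rather than an alert.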
