CVE-2023-45385
📋 TL;DR
This directory traversal vulnerability in ProQuality pqprintshippinglabels allows attackers to access files outside the intended directory via the module's functionality. It affects PrestaShop stores using this shipping label printing module before version 4.15.0.
💻 Affected Systems
- ProQuality pqprintshippinglabels
⚠️ Manual Verification Required
This CVE does not have specific version information in our database, so automatic vulnerability detection cannot determine if your system is affected.
Why? The CVE database entry doesn't specify which versions are vulnerable (no version ranges provided by the vendor/NVD).
🔒 Custom verification scripts are available for registered users. Sign up free to download automated test scripts.
- Review the CVE details at NVD
- Check vendor security advisories for your specific version
- Test if the vulnerability is exploitable in your environment
- Consider updating to the latest version as a precaution
⚠️ Risk & Real-World Impact
Worst Case
Attackers could read sensitive files like configuration files, database credentials, or source code, potentially leading to complete system compromise.
Likely Case
Unauthorized access to sensitive files containing configuration data, user information, or system details.
If Mitigated
Limited impact with proper file permissions and web server restrictions in place.
🎯 Exploit Status
Directory traversal vulnerabilities typically have low exploitation complexity and can be exploited without authentication.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: 4.15.0
Vendor Advisory: https://security.friendsofpresta.org/modules/2024/04/29/pqprintshippinglabels.html
Restart Required: No
Instructions:
1. Log into PrestaShop admin panel. 2. Navigate to Modules > Module Manager. 3. Find pqprintshippinglabels module. 4. Update to version 4.15.0 or later. 5. Clear PrestaShop cache.
🔧 Temporary Workarounds
Disable vulnerable module
allTemporarily disable the pqprintshippinglabels module until patching is possible
Restrict file access via web server
linuxConfigure web server to restrict access to sensitive directories
# Apache: Add to .htaccess
<FilesMatch "\.(php|inc|conf|sql)$">
Order allow,deny
Deny from all
</FilesMatch>
# Nginx: Add to server block
location ~ /\.(php|inc|conf|sql)$ {
deny all;
}
🧯 If You Can't Patch
- Remove the pqprintshippinglabels module completely from the PrestaShop installation
- Implement strict file permission controls and disable directory listing on the web server
🔍 How to Verify
Check if Vulnerable:
Check the module version in PrestaShop admin panel under Modules > Module Manager > pqprintshippinglabelsCheck Version:
No direct command - check via PrestaShop admin interfaceVerify Fix Applied:
Confirm module version is 4.15.0 or higher in the module manager📡 Detection & Monitoring
Log Indicators:
- Unusual file access patterns in web server logs
- Requests containing directory traversal sequences (../, ..\) to the pqprintshippinglabels module
Network Indicators:
- HTTP requests with path traversal payloads targeting the vulnerable module endpoint
SIEM Query:
web_access_logs WHERE url CONTAINS 'pqprintshippinglabels' AND (url CONTAINS '../' OR url CONTAINS '..\')🔗 References
- https://addons.prestashop.com/en/preparation-shipping/16885-print-shipping-labels-pro-address-direct-print.html#overview_description
- https://security.friendsofpresta.org/modules/2024/04/29/pqprintshippinglabels.html
- https://addons.prestashop.com/en/preparation-shipping/16885-print-shipping-labels-pro-address-direct-print.html#overview_description
- https://security.friendsofpresta.org/modules/2024/04/29/pqprintshippinglabels.html
