CVE-2023-46347
📋 TL;DR
This vulnerability allows unauthenticated attackers to execute arbitrary SQL commands on PrestaShop installations using the vulnerable 'Step by Step products Pack' module. Attackers can potentially steal sensitive data, modify database contents, or gain administrative access. All PrestaShop sites using affected versions of this module are vulnerable.
💻 Affected Systems
- PrestaShop module 'Step by Step products Pack' (ndk_steppingpack)
⚠️ Risk & Real-World Impact
Worst Case
Complete database compromise leading to data theft, privilege escalation to admin, and potential remote code execution via database functions.
Likely Case
Data exfiltration of customer information, order details, and potentially administrative credentials stored in the database.
If Mitigated
Limited impact if database user has minimal privileges and web application firewall blocks SQL injection patterns.
🎯 Exploit Status
The vulnerability is in the getPacks() method which can be triggered via HTTP requests. SQL injection is straightforward with publicly available techniques.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: 1.5.7 or later
Vendor Advisory: https://security.friendsofpresta.org/modules/2023/10/24/ndk_steppingpack.html
Restart Required: No
Instructions:
1. Log into the PrestaShop admin panel.
2. Navigate to Modules > Module Manager.
3. Find 'Step by Step products Pack'.
4. Click 'Upgrade' to version 1.5.7 or later.
5. Alternatively, download the latest version from the PrestaShop Addons marketplace and upload it manually.
🔧 Temporary Workarounds
Disable vulnerable module
Temporarily disable the module until patching is possible.
Log into PrestaShop admin > Modules > Module Manager > Find 'Step by Step products Pack' > Click 'Disable'
Web Application Firewall rule
Block SQL injection patterns targeting the vulnerable endpoint.
Add a WAF rule that blocks requests containing SQL injection patterns to paths containing 'ndk_steppingpack' or 'getPacks'
🧯 If You Can't Patch
- Disable the 'Step by Step products Pack' module immediately
- Implement strict input validation and parameterized queries at application level if module source is accessible
🔍 How to Verify
Check if Vulnerable:
Check the module version in the PrestaShop admin panel: Modules > Module Manager > 'Step by Step products Pack' > check the version number. Any version below 1.5.7 is affected.
Check Version:
No direct CLI command. Check via PrestaShop admin interface or examine /modules/ndk_steppingpack/ndk_steppingpack.php file version header.
Verify Fix Applied:
Confirm module version is 1.5.7 or later in the module manager
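The file-based check above can be scripted. The following is an added example, not code from the advisory or from the module's authors: it pulls the version string out of a module's main PHP file and compares it numerically against the fixed version. It assumes the PrestaShop convention that a module sets `$this->version = '...'` in its constructor; the PHP excerpt, the class name and the `shop_root` argument are constructed for illustration. The numeric comparison matters because a plain string comparison would wrongly rank '1.5.10' below '1.5.7'.

```python
import re
from pathlib import Path

FIXED_VERSION = "1.5.7"  # from the vendor advisory

# Constructed excerpt of a module main file (hypothetical class name); the real
# file's contents are not reproduced here.
SAMPLE_MODULE_PHP = """<?php
class ExampleSteppingPackModule extends Module
{
    public function __construct()
    {
        $this->name = 'ndk_steppingpack';
        $this->version = '1.5.6';
        parent::__construct();
    }
}
"""

VERSION_RE = re.compile(r"\$this->version\s*=\s*['\"]([^'\"]+)['\"]")


def extract_version(php_source):
    """Return the module version assigned to $this->version, or None if not found."""
    m = VERSION_RE.search(php_source)
    return m.group(1) if m else None


def version_tuple(version):
    """Turn '1.5.10' into (1, 5, 10) so that components compare as integers."""
    return tuple(int(part) for part in re.findall(r"\d+", version))


def is_vulnerable(version, fixed=FIXED_VERSION):
    """True when the installed version is strictly older than the fixed version."""
    return version_tuple(version) < version_tuple(fixed)


def check_module_file(shop_root):
    """Read the module file under a shop root (path from the advisory) and classify it.

    Returns (version, vulnerable) or (None, None) when the file or version is missing.
    """
    module_file = Path(shop_root) / "modules" / "ndk_steppingpack" / "ndk_steppingpack.php"
    if not module_file.is_file():
        return None, None
    version = extract_version(module_file.read_text(encoding="utf-8", errors="replace"))
    if version is None:
        return None, None
    return version, is_vulnerable(version)


if __name__ == "__main__":
    v = extract_version(SAMPLE_MODULE_PHP)
    print(f"sample module version {v}: {'VULNERABLE' if is_vulnerable(v) else 'patched'}")
```

Run `check_module_file("/var/www/prestashop")` (or wherever the shop lives) to test a real installation; the module manager's displayed version should agree with the value parsed from the file.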
📡 Detection & Monitoring
Log Indicators:
- Unusual SQL queries in database logs
- HTTP requests to endpoints containing 'ndk_steppingpack' with SQL injection patterns
- Multiple failed login attempts following suspicious database activity
Network Indicators:
- HTTP POST/GET requests with SQL keywords (UNION, SELECT, INSERT) targeting module paths
- Unusual outbound database connections from web server
SIEM Query:
web_access_logs WHERE (url CONTAINS 'ndk_steppingpack' OR url CONTAINS 'getPacks') AND (request_body CONTAINS 'UNION' OR request_body CONTAINS 'SELECT' OR request_body CONTAINS 'INSERT')
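The SIEM query above expresses the detection in pseudo-SQL; where no SIEM is available, the same logic can be run directly over web server access logs. The script below is an added example, not part of the advisory: it parses Apache/nginx combined-format lines, URL-decodes the request path so that encoded payloads such as `%20UNION%20SELECT` are visible, and flags requests that hit paths containing 'ndk_steppingpack' or 'getPacks' together with the SQL keywords the SIEM query lists. It adds one heuristic the advisory does not state, flagging module requests that returned a 5xx status, since broken queries often surface as server errors. The sample log lines are constructed, and their request paths are invented for illustration rather than the module's real routes. Access logs normally do not record POST bodies, so the `request_body` half of the SIEM query can only be reproduced where body logging is enabled.

```python
import re
from urllib.parse import unquote_plus

# Constructed sample lines in combined log format (not real traffic). The request
# paths are invented; only the 'ndk_steppingpack' / 'getPacks' markers and the
# SQL keywords come from the advisory.
SAMPLE_LOG = """\
203.0.113.10 - - [24/Oct/2023:10:01:02 +0000] "GET /index.php?fc=module&module=ndk_steppingpack&id_product=12 HTTP/1.1" 200 512 "-" "Mozilla/5.0"
203.0.113.11 - - [24/Oct/2023:10:01:05 +0000] "GET /index.php?fc=module&module=ndk_steppingpack&id_product=12%20UNION%20SELECT%201,2,3 HTTP/1.1" 200 2048 "-" "curl/8.0"
203.0.113.12 - - [24/Oct/2023:10:01:09 +0000] "POST /modules/ndk_steppingpack/ajax.php HTTP/1.1" 500 0 "-" "python-requests/2.31"
203.0.113.13 - - [24/Oct/2023:10:02:00 +0000] "GET /index.php?controller=product&id_product=7 HTTP/1.1" 200 9000 "-" "Mozilla/5.0"
"""

LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<url>\S+)[^"]*" (?P<status>\d{3}) \S+'
)
MODULE_MARKERS = ("ndk_steppingpack", "getpacks")
SQL_KEYWORDS = re.compile(r"\b(UNION|SELECT|INSERT)\b", re.IGNORECASE)


def parse_line(line):
    """Return the fields of one combined-format log line, or None if it does not parse."""
    m = LOG_RE.match(line)
    if not m:
        return None
    entry = m.groupdict()
    entry["status"] = int(entry["status"])
    # Decode %XX escapes and '+' so 'UNION%20SELECT' is seen as 'UNION SELECT'.
    entry["decoded_url"] = unquote_plus(entry["url"])
    return entry


def classify(entry):
    """Return a reason string when the request matches an indicator, else None."""
    url_lc = entry["decoded_url"].lower()
    if not any(marker in url_lc for marker in MODULE_MARKERS):
        return None  # not a request to the vulnerable module's paths
    if SQL_KEYWORDS.search(entry["decoded_url"]):
        return "sqli_keyword"          # the advisory's SIEM query condition
    if entry["status"] >= 500:
        return "module_server_error"   # added heuristic, not from the advisory
    return None


def scan(log_text):
    """Run classify() over every line and return the findings in log order."""
    findings = []
    for line in log_text.splitlines():
        entry = parse_line(line)
        if entry is None:
            continue  # skip lines that are not in combined format
        reason = classify(entry)
        if reason:
            findings.append({
                "ip": entry["ip"],
                "ts": entry["ts"],
                "url": entry["decoded_url"],
                "reason": reason,
            })
    return findings


if __name__ == "__main__":
    for f in scan(SAMPLE_LOG):
        print(f"{f['ts']} {f['ip']} {f['reason']}: {f['url']}")
```

Keyword matching on decoded URLs is deliberately broad and will produce some noise on shops whose product names contain words like "select"; the module-path precondition keeps the rule scoped, and the `sqli_keyword` hits are the ones to triage first, cross-referencing against database logs for unusual queries at the same timestamps.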