CVE-2024-24302
📋 TL;DR
This vulnerability in the Tunis Soft 'Product Designer' module (productdesigner) for PrestaShop is an SQL injection: the module's front-controller postProcess() method passes request parameters into SQL without neutralizing them, and an unauthenticated visitor can reach it with a single HTTP request. A successful attack reads or modifies the shop database (customer records, orders, employee password hashes) and, depending on the privileges of the MySQL account the shop uses, can be escalated to compromise of the web application and the underlying server. It affects PrestaShop installations with a vulnerable version of the module installed and enabled.
💻 Affected Systems
- Tunis Soft Product Designer module for PrestaShop
📦 What is this software?
Product Designer (module folder productdesigner) by Tunis Soft, a PrestaShop add-on that lets shoppers customise product artwork in the storefront before ordering.
⚠️ Risk & Real-World Impact
Worst Case
Full compromise of the shop database, followed by server compromise if the database account is over-privileged: data theft, ransomware deployment and persistent backdoors across the infrastructure.
Likely Case
Exfiltration of customer and order data, takeover of back-office accounts via stolen employee password hashes, and defacement or malware placement through the compromised shop.
If Mitigated
Limited impact when the module is disabled or its routes are blocked, the MySQL account is restricted to the shop schema without FILE privilege, and the server is segmented from critical systems; the shop database itself stays exposed until the module is patched.
🎯 Exploit Status
The flaw is an SQL injection, not a file-upload or deserialization bug: postProcess() in the module's front controller builds SQL from attacker-controlled request parameters, and the endpoint is reachable by an unauthenticated guest. Exploitation needs no account, no session and no uploaded file; a single crafted request to the module's front controller is enough. The vendor advisory linked below identifies the affected method.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: 1.178.36 (as listed here; confirm the fixed version against the vendor advisory before treating an install as patched)
Vendor Advisory: https://github.com/friends-of-presta/security-advisories/blob/main/_posts/2024-02-29-productdesigner-502.md
Restart Required: No (clear the PrestaShop cache after upgrading)
Instructions:
1. Log into the PrestaShop back office.
2. Navigate to Modules > Module Manager.
3. Find 'Product Designer' (productdesigner).
4. Click 'Upgrade' to version 1.178.36 or later, or upload the vendor's fixed zip via 'Upload a module' if no upgrade is offered in the manager.
5. Clear the PrestaShop cache via Advanced Parameters > Performance.
6. Re-check the installed version (see How to Verify below).
🔧 Temporary Workarounds
Disable Product Designer Module
Temporarily disable the vulnerable module until patching is possible. Prefer the back office (Modules > Module Manager > Disable). If the back office is unavailable, disable it in the database; note that PrestaShop decides whether a module is enabled from ps_module_shop, so setting ps_module.active alone is not enough. Replace ps_ with your installation's table prefix and clear the cache afterwards:
UPDATE ps_module SET active = 0 WHERE name = 'productdesigner';
DELETE FROM ps_module_shop WHERE id_module = (SELECT id_module FROM ps_module WHERE name = 'productdesigner');
Restrict Access to Module
Use the web server or a web application firewall to block requests to the module. Blocking only /modules/productdesigner/ is not enough: PrestaShop routes module front controllers through index.php?fc=module&module=productdesigner&controller=... and, with friendly URLs enabled, through /module/productdesigner/..., so all three paths must be covered. This also breaks the designer for legitimate shoppers, which is acceptable while the module is vulnerable.
# Example for Apache (server or virtual-host context; in .htaccess the leading slash is absent, hence ^/?):
RewriteEngine On
RewriteRule ^/?modules?/productdesigner/ - [F]
RewriteCond %{QUERY_STRING} (^|&)module=productdesigner(&|$) [NC]
RewriteRule ^ - [F]
# Example for Nginx (inside the server block):
location ~ ^/modules?/productdesigner/ { return 403; }
if ($args ~* "(^|&)module=productdesigner(&|$)") { return 403; }
🧯 If You Can't Patch
- Immediately disable the Product Designer module via the PrestaShop back office or the database (see Temporary Workarounds).
- Block the module's routes at the web server or WAF, including the index.php?fc=module&module=productdesigner and /module/productdesigner/ forms.
- Restrict the shop's MySQL account to its own schema with no FILE, SUPER or grant privileges, so an injection cannot be turned into file writes or code execution.
- Implement strict network segmentation to isolate the PrestaShop server from critical systems.
🔍 How to Verify
Check if Vulnerable:
In the back office, open Modules > Module Manager and read the version shown on the 'Product Designer' card; any version below 1.178.36 is vulnerable. The same value can be read from the database or from the module's config.xml (replace ps_ with your table prefix):
SELECT name, version, active FROM ps_module WHERE name = 'productdesigner';
grep -o '<version>.*</version>' modules/productdesigner/config.xml
Verify Fix Applied:
Confirm the installed version is 1.178.36 or higher, then confirm that version is the one actually loaded: ps_module.version is only updated when the upgrade runs through PrestaShop, so a zip overwritten by FTP can leave the database stale. Compare the database value with modules/productdesigner/config.xml and, if they differ, re-run the upgrade from Module Manager.
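As an added example (not part of the original page or the module's own code), the version check above done in Python: it reads the version out of a modules/productdesigner/config.xml-style document and compares it numerically against the fixed version. The sample XML is constructed and its version value invented; the 1.178.36 threshold is the one this page lists. A plain string comparison gets three-part versions such as 1.9.0 versus 1.178.36 wrong, which is why each part is compared as an integer.

```python
import re
import xml.etree.ElementTree as ET

# Fixed version as listed on this page; confirm against the vendor advisory.
FIXED_VERSION = "1.178.36"

# Constructed stand-in for modules/productdesigner/config.xml (PrestaShop writes
# the version inside a CDATA block); the version value is invented for the demo.
SAMPLE_CONFIG_XML = """<module>
    <name>productdesigner</name>
    <displayName><![CDATA[Product Designer]]></displayName>
    <version><![CDATA[1.178.30]]></version>
    <is_configurable>1</is_configurable>
</module>
"""


def parse_version(version: str) -> tuple:
    """Turn '1.178.36' into (1, 178, 36) so each part compares numerically.
    A non-numeric suffix such as '1.2.3-beta' keeps its leading digits."""
    parts = []
    for part in version.strip().split("."):
        m = re.match(r"\d+", part)
        parts.append(int(m.group()) if m else 0)
    return tuple(parts)


def is_vulnerable(installed: str, fixed: str = FIXED_VERSION) -> bool:
    """True when the installed version is strictly below the fixed version."""
    return parse_version(installed) < parse_version(fixed)


def version_from_config_xml(xml_text: str) -> str:
    """Extract the <version> element from a PrestaShop module config.xml."""
    root = ET.fromstring(xml_text)
    node = root.find("version")
    if node is None or not (node.text or "").strip():
        raise ValueError("config.xml has no <version> element")
    return node.text.strip()


def assess_config_xml(xml_text: str) -> dict:
    """Return the installed version and the vulnerability verdict."""
    installed = version_from_config_xml(xml_text)
    return {"installed": installed, "fixed": FIXED_VERSION,
            "vulnerable": is_vulnerable(installed)}


if __name__ == "__main__":
    print(assess_config_xml(SAMPLE_CONFIG_XML))
    # Why numeric comparison matters: as strings, "1.9.0" sorts above "1.178.36".
    print("string compare says patched:", "1.9.0" >= "1.178.36")
    print("numeric compare says vulnerable:", is_vulnerable("1.9.0"))
```

Run it against the real file with `assess_config_xml(open("modules/productdesigner/config.xml").read())` and cross-check the result with the ps_module query above; a mismatch between the two means the upgrade did not run through PrestaShop.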
📡 Detection & Monitoring
Log Indicators:
- Requests to the module's routes from unknown clients: /modules/productdesigner/, /module/productdesigner/, and index.php?fc=module&module=productdesigner; look for URL-encoded quotes, UNION/SELECT, comment sequences (--, /*) or SLEEP()/BENCHMARK() in the query string
- MySQL syntax errors or 500 responses tied to those requests (PrestaShop logs under Advanced Parameters > Logs, the web server error log, and the MySQL error log)
- Bursts of near-identical requests that differ in a single parameter value (blind or time-based probing)
- Suspicious process execution from the web server user, or new PHP files under the web root (follow-on activity after a successful injection)
Network Indicators:
- Outbound connections to unknown IPs from the web server
- Unusual spikes in traffic to the module's routes, or the same route hit repeatedly with slowly varying response times
SIEM Query:
source="prestashop" AND (url="/modules/productdesigner/*" OR url="/module/productdesigner/*" OR url="*module=productdesigner*") AND (url="*%27*" OR url="*UNION*" OR url="*SLEEP(*" OR status>=500)
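As an added example (not the page's or the module's code), the log indicators above as a small Python detector run over a few constructed Apache combined-format access-log lines. It recognises all three ways a PrestaShop module front controller can be addressed, URL-decodes the request target, and flags SQL-injection markers, POSTs to the module and 5xx responses. The controller name (design) and parameter (id_design) in the sample lines are assumptions, not the module's real route names, and the client addresses are documentation ranges.

```python
import re
from urllib.parse import unquote_plus

# Constructed Apache combined-log lines for the demo. The controller name
# "design" and the id_design parameter are assumptions, not the module's
# real route names; the addresses are RFC 5737 documentation ranges.
SAMPLE_LOG = """\
203.0.113.7 - - [01/Mar/2024:10:00:01 +0000] "GET /module/productdesigner/design?id_design=12 HTTP/1.1" 200 5120 "-" "Mozilla/5.0"
203.0.113.7 - - [01/Mar/2024:10:00:03 +0000] "GET /module/productdesigner/design?id_design=12%27%20UNION%20SELECT%20passwd%20FROM%20ps_employee--%20- HTTP/1.1" 500 312 "-" "Mozilla/5.0"
198.51.100.9 - - [01/Mar/2024:10:00:05 +0000] "POST /index.php?fc=module&module=productdesigner&controller=design HTTP/1.1" 200 88 "-" "python-requests/2.31"
192.0.2.4 - - [01/Mar/2024:10:00:07 +0000] "GET /index.php?id_product=5&controller=product HTTP/1.1" 200 9000 "-" "Mozilla/5.0"
192.0.2.4 - - [01/Mar/2024:10:00:09 +0000] "GET /modules/productdesigner/views/js/front.js HTTP/1.1" 200 4000 "-" "Mozilla/5.0"
"""

# Apache combined format: client ident user [time] "METHOD target proto" status ...
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) '
)

# The three ways a PrestaShop module front controller can be reached.
MODULE_ROUTES = (
    re.compile(r"^/modules/productdesigner/"),          # files under the module directory
    re.compile(r"^/module/productdesigner/"),           # friendly-URL front controller
    re.compile(r"[?&]module=productdesigner(?:&|$)"),   # index.php?fc=module&module=...
)

# Cheap SQL-injection markers, matched after URL decoding.
SQLI_MARKERS = re.compile(
    r"(?i)(\bunion\b.*\bselect\b|'\s*(?:or|and)\s*'?\d|--\s|/\*"
    r"|\bsleep\s*\(|\bbenchmark\s*\(|\binformation_schema\b)"
)


def targets_module(target: str) -> bool:
    """True when the request target addresses the productdesigner module."""
    return any(r.search(target) for r in MODULE_ROUTES)


def analyze(log_text: str) -> list:
    """Return one finding per suspicious request to the module's routes."""
    findings = []
    for line in log_text.splitlines():
        m = LOG_RE.match(line)
        if not m or not targets_module(m["target"]):
            continue
        # Decode %xx and '+' so encoded quotes and keywords become visible.
        decoded = unquote_plus(m["target"])
        reasons = []
        if SQLI_MARKERS.search(decoded):
            reasons.append("sqli-pattern")
        if m["method"] == "POST":
            reasons.append("post-to-module")   # body is not logged; review it separately
        if m["status"].startswith("5"):
            reasons.append("server-error")     # broken SQL often surfaces as a 500
        if reasons:
            findings.append({
                "ip": m["ip"], "time": m["ts"], "method": m["method"],
                "target": decoded, "status": int(m["status"]), "reasons": reasons,
            })
    return findings


if __name__ == "__main__":
    for f in analyze(SAMPLE_LOG):
        print(f["ip"], f["method"], f["status"], ",".join(f["reasons"]), f["target"])
```

On the sample input the ordinary storefront hit and the static JS file are ignored, the encoded UNION SELECT probe that produced a 500 is flagged, and the POST to the index.php route is surfaced for manual review because the body never reaches the access log. Feed it a real log with `analyze(open("/var/log/apache2/access.log").read())`; a genuine injection through the front controller will usually show up as the sqli-pattern or server-error reasons on the same client address.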