CVE-2024-25845
📋 TL;DR
This vulnerability allows unauthenticated attackers to perform SQL injection attacks against PrestaShop installations using the 'CD Custom Fields 4 Orders' module version 1.0.0 or earlier. Attackers can potentially access, modify, or delete database content. All PrestaShop sites using this vulnerable module are affected.
💻 Affected Systems
- CD Custom Fields 4 Orders module for PrestaShop
📦 What is this software?
⚠️ Risk & Real-World Impact
Worst Case
Complete database compromise including theft of customer data, administrative credentials, and potential remote code execution through database functions.
Likely Case
Data exfiltration of customer information, order details, and potentially administrative credentials leading to site takeover.
If Mitigated
Limited impact if database permissions are properly restricted and input validation is implemented elsewhere.
🎯 Exploit Status
SQL injection vulnerabilities are commonly weaponized, and this one requires no authentication.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: > 1.0.0
Vendor Advisory: https://www.cleanpresta.com
Restart Required: No
Instructions:
1. Log into the PrestaShop admin panel.
2. Navigate to Modules > Module Manager.
3. Find 'CD Custom Fields 4 Orders'.
4. Check for updates, or remove the module if no update is available.
5. If updating, download the latest version from Cleanpresta.com.
6. Upload and install the updated module.
🔧 Temporary Workarounds
Disable vulnerable module
Temporarily disable the CD Custom Fields 4 Orders module until it is patched.
Navigate to PrestaShop admin > Modules > Module Manager > CD Custom Fields 4 Orders > Disable
Web Application Firewall rules
Implement WAF rules to block SQL injection patterns targeting this module.
Configure WAF to block SQL injection patterns in requests to modules/cdcustomfields4orders/
🧯 If You Can't Patch
- Remove the CD Custom Fields 4 Orders module completely from the PrestaShop installation
- Implement strict input validation and parameterized queries at the application level
🔍 How to Verify
Check if Vulnerable:
In the PrestaShop admin panel, go to Modules > Module Manager > CD Custom Fields 4 Orders and read the version number; version 1.0.0 or earlier is vulnerable.
Check Version:
Check version in PrestaShop admin panel or examine modules/cdcustomfields4orders/ directory for version file
Verify Fix Applied:
Verify module version is greater than 1.0.0 in module manager
📡 Detection & Monitoring
Log Indicators:
- Unusual SQL queries in database logs
- Multiple failed login attempts from single IP
- Requests to modules/cdcustomfields4orders/ with SQL syntax
Network Indicators:
- Unusual database traffic patterns
- Requests containing SQL keywords to module endpoints
SIEM Query:
source="web_logs" AND uri="*cdcustomfields4orders*" AND (query="*UNION*" OR query="*SELECT*" OR query="*INSERT*" OR query="*DELETE*")
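The log indicators and SIEM query above, worked through as an added example that is not part of the original advisory: a small Python scanner over constructed access-log lines that URL-decodes each request before matching (a literal `*UNION*` match on the raw URI misses percent-encoded payloads), restricts matching to the module path named in this advisory, and uses whole-word keyword matching so that parameter names such as `selected_tab` are not flagged as `SELECT`. The `ajax.php` filename and the client IP addresses in the sample are assumptions, not values documented for this module.

```python
import re
from urllib.parse import unquote_plus

# Values taken from the advisory: the module directory and the SIEM query's keywords.
MODULE_PATH = "/modules/cdcustomfields4orders/"
SQL_KEYWORDS = ("UNION", "SELECT", "INSERT", "DELETE")

# Whole-word, case-insensitive match so "selected_tab=1" is not flagged as SELECT.
KEYWORD_RE = re.compile(r"\b(" + "|".join(SQL_KEYWORDS) + r")\b", re.IGNORECASE)
# Request line inside a combined-format access log entry: ip - - [ts] "METHOD URI HTTP/x".
REQUEST_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "(\S+) (\S+) \S+" (\d{3})')


def flag_request(line):
    """Return (client_ip, method, decoded_uri) when the request targets the
    module path and carries an SQL keyword; return None otherwise."""
    m = REQUEST_RE.match(line)
    if not m:
        return None
    ip, method, uri, _status = m.groups()
    # Decode before matching: injected input usually arrives percent- or
    # plus-encoded, so matching the raw URI would miss it.
    decoded = unquote_plus(uri)
    if MODULE_PATH not in decoded.lower():
        return None
    if not KEYWORD_RE.search(decoded):
        return None
    return ip, method, decoded


def scan_log(text):
    """Return every flagged request in an access log, one tuple per hit."""
    return [hit for hit in (flag_request(l) for l in text.splitlines()) if hit]


# Constructed sample lines (RFC 5737 test addresses; "ajax.php" is a hypothetical
# filename chosen for the example, not one documented for this module).
SAMPLE_LOG = """\
203.0.113.10 - - [10/Feb/2024:12:00:01 +0000] "GET /modules/cdcustomfields4orders/ajax.php?id=5 HTTP/1.1" 200 512 "-" "Mozilla/5.0"
203.0.113.10 - - [10/Feb/2024:12:00:02 +0000] "GET /modules/cdcustomfields4orders/ajax.php?id=5%20UNION%20SELECT%201,2,3 HTTP/1.1" 200 640 "-" "Mozilla/5.0"
198.51.100.7 - - [10/Feb/2024:12:00:03 +0000] "GET /index.php?controller=order&selected_tab=history HTTP/1.1" 200 8192 "-" "Mozilla/5.0"
198.51.100.7 - - [10/Feb/2024:12:00:04 +0000] "GET /modules/cdcustomfields4orders/ajax.php?selected_tab=1 HTTP/1.1" 200 128 "-" "curl/8.0"
"""

if __name__ == "__main__":
    for ip, method, uri in scan_log(SAMPLE_LOG):
        print(f"ALERT {ip} {method} {uri}")
```

Only the second sample line is reported: the first has no keyword, the third is outside the module path, and the fourth contains `selected_tab`, which the whole-word match correctly ignores.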