Miggo Logo
Miggo Vulnerability Database
CVE-2019-8230

CVE-2019-8230: Magento Remote code execution through support/output path modification

7.2

CVSS Score
3.1

Basic Information

CVE ID
CVE-2019-8230
GHSA ID
GHSA-qp43-2vhf-cj8g
EPSS Score
0.41037%
CWE
CWE-94
Published
5/24/2022
Updated
1/10/2024
KEV Status
No
Technology
TechnologyPHP

Technical Details

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Package NameEcosystemVulnerable VersionsFirst Patched Version
magento/corecomposer< 1.9.4.31.9.4.3

Vulnerability Intelligence
Miggo AIMiggo AI

Miggo AIRoot Cause Analysis

The vulnerability stems from improper sanitization of the 'support/output' path configuration value. The primary entry point is the admin configuration save controller (ConfigController::saveAction), which processes user input. The lack of validation allows crafted paths to be stored via Mage_Core_Model_Config_Data::save. These paths are then likely used in file operations (e.g., log generation, template rendering) where PHP code execution occurs. While the exact code execution vector isn't visible without patch details, the high-privilege configuration handling functions are the logical points of failure for CWE-94.

Vulnerable functions

Only Mi**o us*rs **n s** t*is s**tion

WAF Protection Rules

WAF Rule

In M***nto Op*n Sour** prior to *.*.*.*, *n* M***nto *omm*r** prior to *.**.*.*, *n *ut**nti**t** us*r wit* **ministr*tiv* privil***s to **it *on*i*ur*tion s*ttin*s **n *x**ut* *r*itr*ry *o** t*rou** * *r**t** support/output p*t*.

Reasoning

T** vuln*r**ility st*ms *rom improp*r s*nitiz*tion o* t** 'support/output' p*t* *on*i*ur*tion v*lu*. T** prim*ry *ntry point is t** **min *on*i*ur*tion s*v* *ontroll*r (*on*i**ontroll*r::s*v***tion), w*i** pro**ss*s us*r input. T** l**k o* v*li**tion