KonaKart Path Traversal Vulnerability

[ajcraggs@xxxxxxxxx]

Product overview:

"KonaKart is a java based eCommerce software platform trusted by top brands 
throughout the world to give them a stable, high-
performance online store".

Vulnerability overview:

KonaKart eCommerce Platform prior to verion 8.8 is vulnerable to a directory 
traversal flaw in the admin console that would allow an attacker to download 
sensitive application or system files, or upload malicious files and take 
control of the server. The vulnerability exists due to improper validation of 
the upload file path.

The vendor has released version 8.8 which among other things, addresses this 
issue. It includes new functionality which allows administrators to pre-define 
allowed file paths and does not allow writing to or downloading from locations 
outside of these pre-defined file paths.

The vulnerability has been assigned CVE-2017-17108.

To mitigate the issue, users should:

- Apply the latest patch (ie. update to v8.8)
- Ensure default KonaKart default accounts are removed or have strong passwords 
set
- Restrict access to the shop administrative console via IP white listing

Timeline:

24/11/2017 - Vulnerability discovered
28/11/2017 - Vulnerability disclosed to vendor and discussion around impact and 
exploitability ensues.
04/12/2017 - CVE requested and assigned; vendor advised of CVE number. Work 
commences by vendor to fix issue and confirm patch resolves said vulnerability.
20/01/2018 - Patch released by vendor and users advised to patch.