Gestión de sesión incorrecta para el cierre de sesión suave

The SSRF vulnerability in PrestaShop allows an attacker to craft malicious requests that the server will execute. This can be exploited to access internal resources that are not directly accessible from the outside, such as internal APIs, databases, or even other systems within the same network. An attacker could potentially read sensitive configuration files, access customer data, or even trigger actions on other systems. The impact is amplified if the PrestaShop instance is deployed in an environment with privileged access or connected to other critical systems. While the description mentions 'executing customer commands,' the precise nature of this command execution requires further investigation, but the SSRF vector provides a significant attack surface.

PrestaShop installations running versions 1.5.0 through 1.7.7.1 are at risk. This includes e-commerce businesses relying on PrestaShop for their online storefronts, particularly those with limited security expertise or those who have not applied recent security updates. Shared hosting environments where multiple PrestaShop instances share the same server resources are also at increased risk.

• php: Examine PrestaShop logs for unusual outbound HTTP requests, particularly those targeting internal resources or unexpected domains. Use grep to search for patterns indicative of SSRF attempts.

grep -i 'request_uri: internal_resource' /path/to/prestashop/var/logs/presta.log

• generic web: Monitor access logs for requests originating from the PrestaShop server to internal IP addresses or unusual domains. Use curl to test for SSRF by attempting to access internal resources through the PrestaShop instance.

curl -v http://localhost/internal_resource

1. 2021-02-26Disclosure

   disclosure

1. Reservado2020-12-22
2. Publicada2021-02-26
3. Modificada2024-08-03
4. EPSS actualizado2026-04-02

The primary mitigation for CVE-2021-21308 is to upgrade PrestaShop to version 1.7.7.2 or later, which includes the fix for this vulnerability. If upgrading immediately is not feasible, consider implementing temporary workarounds. Restrict outbound network access from the PrestaShop server using a Web Application Firewall (WAF) or proxy to block suspicious requests. Carefully review and restrict the allowed protocols and domains that PrestaShop can access. Monitor PrestaShop logs for unusual outbound requests that could indicate exploitation attempts. After upgrading, confirm the fix by attempting to trigger the SSRF vulnerability and verifying that the request is blocked.