The popular webshop software Prestashop contains a serious vulnerability. Prestashop users are advised to update their webshop software immediately. The vulnerability can lead to a break-in on your website and, among other things, theft of data (with GDPR consequences).
The makers of Prestashop write about the bug:
On January 2nd, we discovered a malware named XsamXadoo Bot. This malware can be used to have access to an online store and take control of it.
We now believe that the bot used a known vulnerability of the PHP tool PHPUnit that has been reported as CVE-2017-9841.
Here is what you need to do, it should take only 5 minutes.
1) Is my website vulnerable?
To know if your store is vulnerable to an attack, this is what you should do. If you’re uncomfortable managing files on your server, contact your qualified team member:
- On your server, look into the Vendor folder at the root level of your PrestaShop website. If the Vendor folder contains a “phpunit” folder, you may be vulnerable to an outside attacker. You can now simply delete the “phpunit” folder and its content.
- Once you checked the main PrestaShop folder, repeat the same steps but inside each module folder:
  - In each module folder, check if there is a Vendor folder.
  - Inside the Vendor folder of each module, check if there is a folder named “phpunit”.
  - If one module folder contains this “phpunit” folder, this module may make you vulnerable to an outside attacker. You can simply delete the “phpunit” folder.
- Double check if every module Vendor folder does not contain a “phpunit” folder.
It will not affect module behavior. This simple step will protect your online store from this vulnerability, but remember that your website may have already been compromised.
→ If you did not find any module containing this phpunit folder, your store is not vulnerable.
For more technically detailed instructions, please visit our dedicated post.
2) What can happen if my store is compromised?
This vulnerability gives an attacker access to your website: for instance, this means an attacker can potentially steal your data.
We therefore advise you to take action immediately if you use Prestashop!
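The folder check from the quoted advisory, written out as a shell script. This is an added example, not code from PrestaShop or from the original post; it assumes modules live in a `modules` directory under the shop root, matches folder names case-insensitively, and only reports what it finds without deleting anything.

```shell
#!/bin/sh
# Added example: list every "phpunit" folder inside the vendor folders the
# advisory names. Report only; nothing is deleted.

# Assumption: modules live in <shop root>/modules.
MODULES_DIR="modules"

lower() { printf '%s' "$1" | tr '[:upper:]' '[:lower:]'; }

# Print each phpunit folder that sits directly inside a vendor folder of $1.
# "Vendor" and "vendor" are both accepted.
phpunit_in() {
    for vendor in "$1"/*; do
        [ -d "$vendor" ] || continue
        [ "$(lower "$(basename "$vendor")")" = "vendor" ] || continue
        for candidate in "$vendor"/*; do
            [ -d "$candidate" ] || continue
            if [ "$(lower "$(basename "$candidate")")" = "phpunit" ]; then
                printf '%s\n' "$candidate"
            fi
        done
    done
    return 0
}

# Check the shop root first, then every module folder.
scan_shop() {
    phpunit_in "$1"
    for module in "$1/$MODULES_DIR"/*; do
        if [ -d "$module" ]; then phpunit_in "$module"; fi
    done
    return 0
}

# Build a constructed sample shop (not real data) for a dry run.
make_sample_shop() {
    sample=$(mktemp -d)
    mkdir -p "$sample/vendor/phpunit" "$sample/vendor/symfony" \
             "$sample/modules/mod_a/Vendor/phpunit" \
             "$sample/modules/mod_b/vendor/composer" "$sample/modules/mod_c"
    printf '%s\n' "$sample"
}

# Usage: sh scan.sh /path/to/shop   (exit status 1 when a folder is found)
if [ -n "${1:-}" ]; then
    found=$(scan_shop "$1")
    if [ -z "$found" ]; then echo "no phpunit folder found"; exit 0; fi
    printf 'phpunit folder present:\n%s\n' "$found"
    exit 1
fi
```

An empty result only covers the folders named in the advisory; as it notes, a store that had the folder may already have been compromised.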