In this blog post we will briefly describe a Path Traversal vulnerability in PrestaShop open-source e-commerce platform that can be used for privilege escalation. As stated on project’s Wikipedia page it is currently used by 300,000 shops worldwide. Vulnerability Description A vulnerability has been identified in PrestaShop versions below 8.2.0 (tested in 8.1.7 and 8.1.4) […]
General Overview Critical Security discovered two critical vulnerabilities in the Pantera CRM, posing significant risks to data integrity, confidentiality, and availability. These vulnerabilities were identified in versions 401.152 and 402.072 and could allow unauthorized attackers to compromise the system. Pantera CRM is a web-based business management system designed to expedite and automate various processes, and […]
General Overview BONUS is a software solution for payroll and time management, offered to businesses by LABBIS as a part of their paid services. An insecure method call mechanism without proper authorization checks was discovered in version 1.2.29.0 of the software. This vulnerability allows unauthenticated attackers to call arbitrary methods from the LABBIS .NET assemblies. […]
MarkSign is a solution that provides functionality of signing documents electronically. The vendor as part of its ecosystem provides “Mark Sign Software” (v1.1.0) package for Windows that enables use of USB Token or Smart Card based devices. Vulnerability in this software package enables a malicious third-party to deanonymize unsuspecting user over the WEB by means […]
Due to the vulnerability in the “eParaksts signing extension” (v1.1.5) it is possible to extract public certificates of Latvian electronic identity card (eID) users. This can be done by embedding a malicious JavaScript code to a website. For the attack to be successful, the victim must visit the web page hosting the malicious JavaScript code […]
During numerous mobile app security assessments we faced fintech apps for Android, that had an option to protect user data with biometric authentication, but failed to implement it in a secure way leading to authentication bypass. Although the security risk is very low due to attack-specific prerequisites, such as acquiring physical access to a mobile […]
WE.LOCK is a smart home access solution provider that manufactures and sells smart locks. WE.LOCK smart locks can be unlocked using a fingerprint, access codes, RFID tags, a smartphone app via Bluetooth (BLE) or the physical key supplied with a lock. In this article we are focusing on a smartphone app for Android, a mobile […]
We want to share details of a little-known attack vector that we have successfully exploited during numerous security audits. IBM Spectrum Protect is a backup solution that provides data protection for virtual, physical and cloud environments. The solution is based on a client-server architecture. IBM Spectrum Protect client nodes, administrative clients, and servers communicate using […]
Paradox Security Systems is a Canadian company manufacturing alarm systems and various security devices since 1989. One of their most popular family of products are the IP150 internet modules. They are used with their SP, MG and EVO series security alarm panels to enable control and monitoring of the security alarms over the Internet. In […]
In 2020, remote work and digital access to public services have become the new normal. Lithuanian citizens have multiple options for accessing different public services and signing documents online. In this article, we will discuss user privacy issues that our team has recently discovered in two independent e-signature solutions, which have been fixed by now. […]
Critical Security was established in 2007 by a group of cyber security enthusiasts. Since its establishment, the company has been providing high-quality security assessments and penetration tests to various organizations, helping them identify and mitigate potential security threats.
