Sansec发现Magento REST API存在严重安全漏洞，攻击者可在未经身份验证的情况下上传任意可执行文件，实现远程代码执行和账户劫持。该漏洞被命名为PolyShell，利用将恶意代码伪装成图像的方式进行攻击。漏洞影响Magento开源版和Adobe Commerce 2.4.9-alpha2之前的所有版本，源于REST API接受文件上传作为购物车项目自定义选项的机制缺陷。

A critical vulnerability that could lead to account takeover and remote code execution has been patched in Magento and Adobe Commerce. Security experts warn of exploits soon. Adobe issued an emergency ...