Today even big financial players like PayPal, who are expected to deliver secure services to their users, aren't safe from hacking attacks and vulnerabilities. In fact, they are the ones constantly targeted by hackers. Here I am going to tell you about a critical remote code execution vulnerability that has been reported in PayPal. A cyber criminal can use this vulnerability to execute arbitrary code on the web-application server PayPal uses for its online marketing service.

The vulnerability was found in the Java Debug Wire Protocol (JDWP) service of the web-application server. It was detected by Milan A Solanki, an independent security researcher, and his discovery has been rated Critical with a CVSS score of 9.3 by Vulnerability Lab.

The Java Debug Wire Protocol is used for communication between a Java virtual machine and a debugger. The protocol does not use any authentication or permissions, which hackers can exploit.

Solanki has provided a video demonstrating the hack. THN writes that he used the jdwp-shellifier tool from GitHub and found port 8000 open. This open port let him establish a connection without any permissions and thus exploit the remote code execution vulnerability.

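
The exposure described above (a JDWP listener reachable on a port such as 8000, with no authentication) can be caught by auditing how your own JVMs are started. This is an added example, not code from the original post or from Solanki; the sample command lines, function names and severity labels are constructed for illustration.

```python
import re

# Constructed JVM command lines for illustration (not from the PayPal report).
SAMPLES = [
    "java -agentlib:jdwp=transport=dt_socket,server=y,suspend=n,address=*:8000 -jar app.jar",
    "java -Xdebug -Xrunjdwp:transport=dt_socket,server=y,suspend=n,address=8000 -jar app.jar",
    "java -agentlib:jdwp=transport=dt_socket,server=y,suspend=n,address=127.0.0.1:8000 -jar app.jar",
    "java -agentlib:jdwp=transport=dt_socket,server=n,address=debughost:5005 -jar app.jar",
    "java -Xmx512m -jar app.jar",
]

# Matches both the current (-agentlib:jdwp=) and legacy (-Xrunjdwp:) option forms.
JDWP_OPT = re.compile(r"(?:-agentlib:jdwp=|-Xrunjdwp:)(\S+)")
LOOPBACK = {"127.0.0.1", "localhost", "::1", "[::1]"}
WILDCARD = {"*", "0.0.0.0", "[::]"}

def audit_jdwp(cmdline):
    """Return (severity, reason) for one JVM command line."""
    m = JDWP_OPT.search(cmdline)
    if not m:
        return ("ok", "no JDWP agent on the command line")
    opts = dict(kv.split("=", 1) for kv in m.group(1).split(",") if "=" in kv)
    if opts.get("transport") != "dt_socket":
        return ("review", "not a TCP socket transport")
    if opts.get("server", "n") != "y":
        return ("review", "JVM dials out to a debugger; no listening port")
    host, _, port = opts.get("address", "").rpartition(":")
    if host in WILDCARD:
        return ("critical", f"unauthenticated debug port {port} on all interfaces")
    if host in LOOPBACK:
        return ("low", f"debug port {port} on loopback; local users can still attach")
    if not host:
        # Bare port: JDK 8 and earlier listen on all interfaces, JDK 9+ on loopback only.
        return ("high", f"port {port or 'ephemeral'} with no host; exposure depends on JDK version")
    return ("high", f"debug port {port} bound to {host}; confirm it is firewalled")

def audit_all(cmdlines):
    """Severity for each command line, in order."""
    return [audit_jdwp(c)[0] for c in cmdlines]

if __name__ == "__main__":
    for line in SAMPLES:
        print(audit_jdwp(line), "<-", line)
```

On a live host the same function can be fed the command lines of running Java processes; anything above "low" on a production server means the debug agent should be removed from the startup options.
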
This flaw could give a hacker unauthorized access to PayPal's server, so that he or she can execute malicious code against the system and totally compromise the server.

He has reported the flaw to the PayPal team, and they have fixed it.

Are you worried about the security of your financial service provider? Tell us in the comments below.