Skip to content
Nuclei Templates

Exposed Magento 2 API

ID: magento-2-exposed-api

Severity: info

Author: TechbrunchFR

Tags: magento

Description

Section titled “Description”

The API in Magento 2 can be accessed by the world without providing credentials. Through the API information like storefront, (hidden) products including prices are exposed.

YAML Source

Section titled “YAML Source”
id: magento-2-exposed-api


info:
  name: Exposed Magento 2 API
  author: TechbrunchFR
  severity: info
  description: The API in Magento 2 can be accessed by the world without providing credentials. Through the API information like storefront, (hidden) products including prices are exposed.
  reference:
    - https://support.hypernode.com/en/ecommerce/magento-2/how-to-protect-the-magento-2-api
  classification:
    cpe: cpe:2.3:a:magento:magento:*:*:*:*:*:*:*:*
  metadata:
    max-request: 3
    vendor: magento
    product: magento
    shodan-query: http.component:"Magento"
  tags: magento


http:
  - method: GET
    path:
      - '{{BaseURL}}/rest/V1/products'
      - '{{BaseURL}}/rest/V1/store/storeConfigs'
      - '{{BaseURL}}/rest/V1/store/storeViews'


    matchers-condition: or
    matchers:
      - type: dsl
        dsl:
          - 'contains(body, "searchCriteria")'
          - 'contains(body, "parameters")'
          - 'contains(body, "message")'
          - 'contains(tolower(header), "application/json")'
        condition: and


      - type: dsl
        dsl:
          - 'contains(body, "secure_base_link_url")'
          - 'contains(body, "timezone")'
          - 'contains(tolower(header), "application/json")'
          - 'status_code == 200'
        condition: and


      - type: dsl
        dsl:
          - 'contains(body, "name")'
          - 'contains(body, "website_id")'
          - 'contains(tolower(header), "application/json")'
          - 'status_code == 200'
        condition: and
# digest: 4b0a00483046022100c6eeacde28954742c110fe2b05f34f6f84e69ccfd2807deb5a3c16e617765379022100a06bf6485e6b73f1e72943ff5acca5f708f19eac9823c32e0807d915932c0ca9:922c64590222798bb761d5b6d8e72950

Guide to check the vulnerabilities

Section titled “Guide to check the vulnerabilities”

This template is used to detect vulnerabilities in web applications. It can be used with the Nuclei tool to scan for specific patterns or behaviors.

Terminal window
$ nuclei -u "URL" -t "http/vulnerabilities/magento/magento-2-exposed-api.yaml"

View on Github