eBay fixed the vulnerability three days after it was reported

Dec 14, 2013 09:41 GMT

German security engineer David Vieira-Kurz has identified a vulnerability on the Southeast Asia subdomain of eBay (sea.ebay.com). The security hole, caused by a “type-cast issue in combination with complex curly syntax,” could have been exploited by a remote attacker to execute arbitrary code.

The expert says he exploited the vulnerability only to the point where he could prove its existence to eBay’s security team. However, he believes cybercriminals might have been able to exploit it to compromise the entire web server.

The flaw was discovered and reported on December 6, 2013. eBay deployed a fix on December 9.

It’s worth noting that the same researcher uncovered an exploitable SQL injection vulnerability on the same subdomain last year.

Check out the video for the proof-of-concept. For additional technical details, go to Vieira-Kurz’s blog.