id: magento-2-exposed-api info: name: Exposed Magento 2 API author: TechbrunchFR severity: info description: The API in Magento 2 can be accessed by the world without providing credentials. Through the API information like storefront, (hidden) products including prices are exposed. reference: - https://support.hypernode.com/en/ecommerce/magento-2/how-to-protect-the-magento-2-api classification: cpe: cpe:2.3:a:magento:magento:*:*:*:*:*:*:*:* metadata: max-request: 3 vendor: magento product: magento shodan-query: http.component:"Magento" tags: magento http: - method: GET path: - '{{BaseURL}}/rest/V1/products' - '{{BaseURL}}/rest/V1/store/storeConfigs' - '{{BaseURL}}/rest/V1/store/storeViews' matchers-condition: or matchers: - type: dsl dsl: - 'contains(body, "searchCriteria")' - 'contains(body, "parameters")' - 'contains(body, "message")' - 'contains(tolower(header), "application/json")' condition: and - type: dsl dsl: - 'contains(body, "secure_base_link_url")' - 'contains(body, "timezone")' - 'contains(tolower(header), "application/json")' - 'status_code == 200' condition: and - type: dsl dsl: - 'contains(body, "name")' - 'contains(body, "website_id")' - 'contains(tolower(header), "application/json")' - 'status_code == 200' condition: and # digest: 4a0a00473045022100b1adea1874f5175aa2a64de3860415324b7df344c5889077115f1d50c430485202200db51bfea750993197cce9eb2e52bc1d07fef9159296a6d83f0e4be369b72aad:922c64590222798bb761d5b6d8e72950