id: magento-2-exposed-api info: name: Exposed Magento 2 API author: TechbrunchFR severity: info description: The API in Magento 2 can be accessed by the world without providing credentials. Through the API information like storefront, (hidden) products including prices are exposed. reference: - https://support.hypernode.com/en/ecommerce/magento-2/how-to-protect-the-magento-2-api classification: cpe: cpe:2.3:a:magento:magento:*:*:*:*:*:*:*:* metadata: max-request: 3 vendor: magento product: magento shodan-query: http.component:"Magento" tags: magento http: - method: GET path: - '{{BaseURL}}/rest/V1/products' - '{{BaseURL}}/rest/V1/store/storeConfigs' - '{{BaseURL}}/rest/V1/store/storeViews' matchers-condition: or matchers: - type: dsl dsl: - 'contains(body, "searchCriteria")' - 'contains(body, "parameters")' - 'contains(body, "message")' - 'contains(tolower(header), "application/json")' condition: and - type: dsl dsl: - 'contains(body, "secure_base_link_url")' - 'contains(body, "timezone")' - 'contains(tolower(header), "application/json")' - 'status_code == 200' condition: and - type: dsl dsl: - 'contains(body, "name")' - 'contains(body, "website_id")' - 'contains(tolower(header), "application/json")' - 'status_code == 200' condition: and # digest: 490a0046304402205108a66aabb3bfd2cfa26f2fd4816a1afa5f3c52dd43f5ea029a1308d8079204022045463c3b751fd59511882d4eb2e2f046f4f31c5f5c3fcc52daac8d8adcb2214d:922c64590222798bb761d5b6d8e72950