Today even big financial players like PayPal, which are expected to deliver secure services to their users, aren't safe from hacking attacks and vulnerabilities. In fact, they are the ones constantly targeted by hackers. Here I am going to tell you about a critical remote code execution vulnerability that has been reported in PayPal. A cyber criminal could use this vulnerability to execute arbitrary code on the web-application server PayPal uses for its online marketing service.
The vulnerability lies in the Java Debug Wire Protocol (JDWP) service of the web-application server. It was found by Milan A Solanki, an independent security researcher, and Vulnerability Lab rated his discovery Critical with a CVSS score of 9.3.
The Java Debug Wire Protocol is used for communication between a Java virtual machine and a debugger. It doesn't use any authentication or permissions, so anyone who can reach the debug port can exploit it.
Solanki provided a video to demonstrate the hack. THN writes that he used the jdwp-shellifier tool from GitHub and found port 8000 open. This open port let him establish a connection without any permissions and thus execute code remotely.
This flaw could give a hacker unauthorized access to PayPal's server, so he/she could execute malicious code against the system and totally compromise the server.
He has reported the flaw to the PayPal team and they have fixed it.
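As an added example (not from the original article, the researcher, or PayPal), the Python sketch below audits JVM command lines for a JDWP agent that listens on a network-reachable address, which is the kind of exposure described above. The command lines are constructed samples and `audit_cmdline` is a hypothetical helper name.

```python
import re

# Constructed sample JVM command lines (not taken from the PayPal report).
SAMPLE_CMDLINES = [
    "java -agentlib:jdwp=transport=dt_socket,server=y,suspend=n,address=8000 -jar app.jar",
    "java -Xdebug -Xrunjdwp:transport=dt_socket,server=y,address=0.0.0.0:8000 -jar app.jar",
    "java -agentlib:jdwp=transport=dt_socket,server=y,address=127.0.0.1:8000 -jar app.jar",
    "java -agentlib:jdwp=transport=dt_socket,server=n,address=devbox:5005 -jar app.jar",
    "java -Xmx512m -jar app.jar",
]

# Matches both the current (-agentlib:jdwp=) and legacy (-Xrunjdwp:) agent options.
JDWP_OPT = re.compile(r"-(?:agentlib:jdwp=|Xrunjdwp:)(\S+)")
LOOPBACK = {"127.0.0.1", "localhost", "::1", "[::1]"}


def audit_cmdline(cmdline):
    """Return (verdict, detail) for one JVM command line.

    Verdicts: "ok", "review" (depends on JDK version), "exposed".
    """
    match = JDWP_OPT.search(cmdline)
    if not match:
        return ("ok", "no JDWP agent configured")
    opts = dict(kv.split("=", 1) for kv in match.group(1).split(",") if "=" in kv)
    # server=n (the default) means the agent attaches outward to a debugger
    # instead of opening a listening socket.
    if opts.get("server", "n") != "y":
        return ("ok", "agent does not listen (server=n)")
    address = opts.get("address", "")
    host, _, port = address.rpartition(":")
    if host in LOOPBACK:
        return ("ok", "listens on loopback only, port " + port)
    if host == "":
        # Bare port or no address: JDK 8 and earlier bind every interface,
        # JDK 9 and later bind loopback only, so the JDK version decides.
        return ("review", "no bind host given (address=%r)" % address)
    return ("exposed", "unauthenticated debug port on %s:%s" % (host, port))


def audit_all(cmdlines):
    """Audit each command line and return the list of verdict strings."""
    return [audit_cmdline(c)[0] for c in cmdlines]


if __name__ == "__main__":
    for line in SAMPLE_CMDLINES:
        print(audit_cmdline(line), "<-", line)
```

On a real host the command lines would come from the process list or service definitions; anything reported as "exposed" or "review" on a production server should have the debug agent removed or bound to loopback.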