
More than 95,000 publicly reachable Magento (Adobe Commerce) servers worldwide are exposed to attacks exploiting a serious vulnerability called SessionReaper. The flaw lets an attacker abuse the store's session handling to execute code remotely and take control of the whole system. Bkav cybersecurity experts assess that Vietnam is among the countries at high risk of being attacked through this vulnerability.
Mr. Hoang Truong Khuong, a cybersecurity expert at Bkav, said that the SessionReaper vulnerability comes from the way Magento processes data through the Web API, allowing attackers to insert malicious content into the session and upload a web shell, a malicious file that helps maintain access to and control over the server. If successfully exploited, hackers can take over system administration rights, leak payment data or create fake admin accounts to expand the scope of the attack. Versions of Adobe Commerce and Magento Open Source released before October 2025, including branches 2.4.9-alpha2 and earlier, are all affected by this vulnerability.
Within 48 hours of the exploit code being made public, more than 300 automated attacks against more than 130 Magento servers were recorded worldwide. According to statistics from Sansec Shield, although Adobe released an emergency patch in early September, about 62% of Magento stores have not been updated. With more than 95,000 Magento servers operating publicly worldwide, this means thousands of e-commerce websites are still vulnerable. A delay of just one day can cause serious damage to a business.
In Vietnam, many e-commerce sites, including hundreds of well-known retail, fashion and technology brands, run on Magento. Bkav recommends that Magento system administrators in Vietnam urgently apply the official patch from Adobe and enable a web application firewall (WAF) to filter and block anomalous requests. At the same time, businesses should review the entire system, in particular checking for unexpected PHP files in the site's directories and reviewing newly created administrative accounts. If an intrusion is suspected, isolate the server, restore from a clean backup and rotate all passwords, access keys and other credentials.
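The review steps above can be scripted. The following is an added example, not part of the article and not a tool from Bkav, Adobe or Sansec. It assumes a standard Magento 2 layout under the directory given as the first argument, where pub/media and pub/static are web-writable asset directories that should never contain executable PHP, so any .php, .phtml or .phar file there is suspect. The web-shell markers it greps for and the admin_user query it prints are this example's own heuristics, not an indicator list from Adobe.

```shell
#!/bin/sh
# Added example (not from the article, Bkav or Adobe): a minimal post-incident
# hunt over a Magento 2 install. Assumed layout: $1 is the Magento root, with
# pub/media and pub/static holding only static assets (never PHP).

# List PHP-like files sitting in directories that should hold only assets.
find_php_in_asset_dirs() {
    root="$1"
    for d in pub/media pub/static; do
        [ -d "$root/$d" ] || continue
        find "$root/$d" -type f \( -name '*.php' -o -name '*.phtml' -o -name '*.phar' \)
    done
}

# List every PHP file under the install modified within the last N days
# (default 7). A release lands files in one batch; a dropped web shell is a
# stray file with a lone recent timestamp.
find_recent_php() {
    root="$1"
    days="${2:-7}"
    find "$root" -type f -name '*.php' -mtime "-$days" 2>/dev/null
}

# Flag files in the asset directories whose contents use constructs that
# legitimate media never needs. Heuristic only: a hit deserves a look, not an
# automatic verdict. "No hits" is not an error, hence the || true.
grep_shell_markers() {
    root="$1"
    for d in pub/media pub/static; do
        [ -d "$root/$d" ] || continue
        grep -rlE --include='*.php' --include='*.phtml' \
            'eval\(|base64_decode\(|\$_(POST|GET|REQUEST)\[|system\(|passthru\(|shell_exec\(' \
            "$root/$d" || true
    done
}

# Print the query to run against the store database to review admin accounts
# created or changed in the last N days (table admin_user, columns as in the
# Magento 2 schema). Printed rather than executed so no DB credentials are needed.
admin_review_sql() {
    days="${1:-30}"
    printf '%s\n' "SELECT user_id, username, email, created, modified, is_active FROM admin_user WHERE created >= NOW() - INTERVAL $days DAY OR modified >= NOW() - INTERVAL $days DAY ORDER BY created DESC;"
}

# Usage: sh magento_hunt.sh /var/www/magento [days]
if [ -n "${1-}" ]; then
    echo "== PHP files in asset-only directories =="
    find_php_in_asset_dirs "$1"
    echo "== PHP files modified in the last ${2:-7} days =="
    find_recent_php "$1" "${2:-7}"
    echo "== Files in pub/media or pub/static with web-shell style calls =="
    grep_shell_markers "$1"
    echo "== Run against the store DB to review admin accounts =="
    admin_review_sql "${2:-30}"
fi
```

Run it as root or the web server user so it can read every directory, and compare the recent-file list against the deployment log: anything not explained by a release or a composer update is a candidate for the isolate-and-restore path described above.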
Source: https://www.sggp.org.vn/doanh-nghiep-viet-nam-can-khan-truong-ung-pho-lo-hong-bao-mat-tu-adobe-post821617.html