Vulnerability Management

Attacks involving Adobe Commerce SessionReaper vulnerability ongoing

Adobe Stock

BleepingComputer reports that more than 250 exploitation attempts involving the critical improper input validation flaw in Adobe Commerce, tracked as CVE-2025-54236, have been discovered and blocked by e-commerce security firm Sansec more than a month after patches for the vulnerability, also known as SessionReaper, were released.

Attempted exploitation of SessionReaper against Magento stores mostly stemmed from five IP addresses, with intrusions involving PHP webshells and phpinfo investigations into configuration settings and predefined system variables, according to Sansec researchers, who noted that 62% of online stores continue to be susceptible to potential attacks.

Further abuse of the security issue, which could result in customer account hijacking, is expected following SearchLight Cyber's release of a technical analysis of CVE-2025-54236. Active exploitation of SessionReaper should prompt website administrators to promptly implement released fixes. Organizations that cannot do so have been urged to immediately apply the mitigations advised by Adobe.

Related Events

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy.

You can skip this ad in 5 seconds