CVE-2022-29464
Description
Certain WSO2 products allow unrestricted file upload with resultant remote code execution. The attacker must use a /fileupload endpoint with a Content-Disposition directory traversal sequence to reach a directory under the web root, such as a ../../../../repository/deployment/server/webapps directory. This affects WSO2 API Manager 2.2.0 up to 4.0.0, WSO2 Identity Server 5.2.0 up to 5.11.0, WSO2 Identity Server Analytics 5.4.0, 5.4.1, 5.5.0 and 5.6.0, WSO2 Identity Server as Key Manager 5.3.0 up to 5.11.0, WSO2 Enterprise Integrator 6.2.0 up to 6.6.0, WSO2 Open Banking AM 1.4.0 up to 2.0.0 and WSO2 Open Banking KM 1.4.0 up to 2.0.0.
Severity: CRITICAL
CVE ID: CVE-2022-29464
CVSS Score: 9.8
CVSS Metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Proof Of Concept
Nuclei Templates for CVE-2022-29464
Reference: Project Discovery GitHub
hakivvi
WSO2 RCE (CVE-2022-29464) exploit and writeup.
Reference: GitHub
tufanturhan
Reference: GitHub
mr-r3bot
Pre-auth RCE bug CVE-2022-29464
Reference: GitHub
Lidong-io
cve-2022-29464 batch script
Reference: GitHub
hev0x
WSO2 RCE (CVE-2022-29464)
Reference: GitHub
gpiechnik2
Repository containing nse script for vulnerability CVE-2022-29464 known as WSO2 RCE.
Reference: GitHub
0xAgun
Reference: GitHub
oppsec
😭 WSOB is a python tool created to exploit the new vulnerability on WSO2 assigned as CVE-2022-29464.
Reference: GitHub
c0d3cr4f73r
Reference: GitHub
lowkey0808
Reference: GitHub
superzerosec
CVE-2022-29464 POC exploit
Reference: GitHub
axin2019
1
Reference: GitHub
LinJacck
cve-2022-29464 EXP
Reference: GitHub
Inplex-sys
A bots loader for CVE-2022-29464 with multithreading
Reference: GitHub
Chocapikk
Python script to exploit CVE-2022-29464 (mass mode)
Reference: GitHub
jimidk
CVE-2022-29464 PoC for WSO2 products
Reference: GitHub
electr0lulz
Mass Exploit for CVE 2022-29464 on Carbon
Reference: GitHub
xinghonghaoyue
Python script to exploit CVE-2022-29464 (mass mode)
Reference: GitHub
Pasch0
CVE-2022-29464 Exploit
Reference: GitHub
r4x0r1337
Reference: GitHub
amit-pathak009
Reference: GitHub
amit-pathak009
Reference: GitHub
hupe1980
WSO2 Arbitrary File Upload to Remote Command Execution (RCE)
Reference: GitHub
gbrsh
RCE exploit for WSO2
Reference: GitHub
Jhonsonwannaa
Reference: GitHub
devengpk
Reference: GitHub
ThatNotEasy
Perform With Mass Exploits In WSO Management.
Reference: GitHub
Pushkarup
A PoC and Exploit for CVE 2022-29464
Reference: GitHub
SynixCyberCrimeMy
SynixCyberCrimeMY CVE Exploiter By SamuraiMelayu1337 & ?/h4zzzzzz.scc
Reference: GitHub
Content on GitHub
badguy233 | watchers:0
CVE-2022-29465
CVE-2022-29464
Reference: GitHub
W01fh4cker | watchers:1133
Serein
[Lazy person's tool] A graphical tool for batch-collecting URLs and running various nday checks against the collected URLs. Usable for SRC hunting, CNVD hunting, 0day exploitation, building your own arsenal and similar scenarios. It can batch-exploit the Actively Exploited Atlassian Confluence 0Day CVE-2022-26134 and the DedeCMS v5.7.87 SQL injection CVE-2022-23337.
Reference: GitHub