CVE-2022-29464

Warnung

Exploit

EPSS 94.43%
Veröffentlicht 18.04.2022 22:15:09
Zuletzt bearbeitet 07.11.2025 19:01:08
Quelle cve@mitre.org
CVE-Watchlists
Login
Unerledigt
Login

Certain WSO2 products allow unrestricted file upload with resultant remote code execution. The attacker must use a /fileupload endpoint with a Content-Disposition directory traversal sequence to reach a directory under the web root, such as a ../../../../repository/deployment/server/webapps directory. This affects WSO2 API Manager 2.2.0 up to 4.0.0, WSO2 Identity Server 5.2.0 up to 5.11.0, WSO2 Identity Server Analytics 5.4.0, 5.4.1, 5.5.0 and 5.6.0, WSO2 Identity Server as Key Manager 5.3.0 up to 5.11.0, WSO2 Enterprise Integrator 6.2.0 up to 6.6.0, WSO2 Open Banking AM 1.4.0 up to 2.0.0 and WSO2 Open Banking KM 1.4.0, up to 2.0.0.

Betroffene Produkte Warnungen 1 Metriken 4 CWE 1 Referenzen 8

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Wso2 ≫ Api Manager Version >= 2.2.0 <= 4.0.0

Wso2 ≫ Enterprise Integrator Version >= 6.2.0 <= 6.6.0

Wso2 ≫ Identity Server Version >= 5.2.0 <= 5.11.0

Wso2 ≫ Identity Server Analytics Version5.4.0

Wso2 ≫ Identity Server Analytics Version5.4.1

Wso2 ≫ Identity Server Analytics Version5.5.0

Wso2 ≫ Identity Server Analytics Version5.6.0

Wso2 ≫ Identity Server As Key Manager Version >= 5.3.0 <= 5.10.0

Wso2 ≫ Open Banking Am Version >= 1.3.0 <= 2.0.0

Wso2 ≫ Open Banking Iam Version2.0.0

Wso2 ≫ Open Banking Km Version >= 1.3.0 <= 1.5.0

25.04.2022: CISA Known Exploited Vulnerabilities (KEV) Catalog

WSO2 Multiple Products Unrestrictive Upload of File Vulnerability

Schwachstelle

Multiple WSO2 products allow for unrestricted file upload, resulting in remote code execution.

Beschreibung

Apply updates per vendor instructions.

Erforderliche Maßnahmen

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	94.43%	1

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	9.8	3.9	5.9	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvd@nist.gov	10	10	10	AV:N/AC:L/Au:N/C:C/I:C/A:C
cve@mitre.org	9.8	3.9	5.9	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

The product uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.

http://packetstormsecurity.com/files/166921/WSO-Arbitrary-File-Upload-Remote-Code-Execution.html

Third Party Advisory

Exploit

VDB Entry

http://www.openwall.com/lists/oss-security/2022/04/22/7

Third Party Advisory

Mailing List

https://github.com/hakivvi/CVE-2022-29464

Third Party Advisory

Exploit

https://security.docs.wso2.com/en/latest/security-announcements/security-advisories/2022/WSO2-2021-1738/

Vendor Advisory