# N/A
## 概述
SAP NetWeaver Application Server ABAP、SAP NetWeaver Application Server Java、ABAP Platform、SAP Content Server 7.53以及SAP Web Dispatcher存在请求伪造(Request Smuggling)和请求拼接(Request Concatenation)漏洞。未认证攻击者可将任意数据附加到受害者的请求前面,从而冒充受害者执行功能或污染中间Web缓存。
## 影响版本
- SAP NetWeaver Application Server ABAP
- SAP NetWeaver Application Server Java
- ABAP Platform
- SAP Content Server 7.53
- SAP Web Dispatcher
## 细节
攻击者利用此漏洞可以在未认证的情况下,将自定义数据追加到受害者的请求前面。这可能允许攻击者冒充受害者执行敏感操作,或污染中间Web缓存。
## 影响
成功利用此漏洞可能导致系统完整性的丧失,破坏其保密性、完整性和可用性。
| # | POC 描述 | 源链接 | 神龙链接 |
|---|---|---|---|
| 1 | SAP memory pipes(MPI) desynchronization vulnerability CVE-2022-22536. | https://github.com/antx-code/CVE-2022-22536 | POC详情 |
| 2 | None | https://github.com/tess-ss/SAP-memory-pipes-desynchronization-vulnerability-MPI-CVE-2022-22536 | POC详情 |
| 3 | SAP memory pipes(MPI) desynchronization vulnerability CVE-2022-22536. | https://github.com/ZZ-SOCMAP/CVE-2022-22536 | POC详情 |
| 4 | SAPGateBreaker is a PoC exploit for CVE-2022-22536, a critical HTTP Request Smuggling vulnerability in SAP NetWeaver. It demonstrates how to bypass ACLs by desynchronizing request parsing between ICM and backend services using crafted Content-Length-based payloads. | https://github.com/BecodoExploit-mrCAT/SAPGateBreaker-Exploit | POC详情 |
| 5 | SAP NetWeaver Application Server ABAP, SAP NetWeaver Application Server Java, ABAP Platform, SAP Content Server 7.53 and SAP Web Dispatcher are vulnerable to request smuggling and request concatenation attacks. An unauthenticated attacker can prepend a victim's request with arbitrary data. This way, the attacker can execute functions impersonating the victim or poison intermediary web caches. A successful attack could result in complete compromise of Confidentiality, Integrity and Availability of the system. | https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2022/CVE-2022-22536.yaml | POC详情 |
暂无评论