一、 漏洞 CVE-2022-29464 基础信息
漏洞信息
                                        # N/A

## 漏洞概述
某些WSO2产品允许不受限制的文件上传,从而导致远程代码执行。攻击者需要使用带有Content-Disposition目录遍历序列的/fileupload端点,以访问位于web根目录下的目录(例如../../../repository/deployment/server/webapps)。

## 影响版本
- WSO2 API Manager 2.2.0 至 4.0.0
- WSO2 Identity Server 5.2.0 至 5.11.0
- WSO2 Identity Server Analytics 5.4.0, 5.4.1, 5.5.0, 5.6.0
- WSO2 Identity Server as Key Manager 5.3.0 至 5.11.0
- WSO2 Enterprise Integrator 6.2.0 至 6.6.0
- WSO2 Open Banking AM 1.4.0 至 2.0.0
- WSO2 Open Banking KM 1.4.0 至 2.0.0

## 细节
攻击者利用该漏洞上传恶意文件,这些文件可以被放置到web根目录下的特定目录中(例如,使用Content-Disposition含有的目录遍历序列)。攻击者可以在目标服务器上执行任意代码,这可能造成严重的安全风险。

## 影响
攻击者可以通过该漏洞在受感染的系统上执行任意代码,可能导致系统被完全控制,包括但不限于数据泄露、系统损坏或进一步的恶意行动。
提示
尽管我们采用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。
神龙会尽力确保数据准确,但也请结合实际情况进行甄别与判断。
神龙祝您一切顺利!
漏洞标题
N/A
来源:美国国家漏洞数据库 NVD
漏洞描述信息
Certain WSO2 products allow unrestricted file upload with resultant remote code execution. The attacker must use a /fileupload endpoint with a Content-Disposition directory traversal sequence to reach a directory under the web root, such as a ../../../../repository/deployment/server/webapps directory. This affects WSO2 API Manager 2.2.0 up to 4.0.0, WSO2 Identity Server 5.2.0 up to 5.11.0, WSO2 Identity Server Analytics 5.4.0, 5.4.1, 5.5.0 and 5.6.0, WSO2 Identity Server as Key Manager 5.3.0 up to 5.11.0, WSO2 Enterprise Integrator 6.2.0 up to 6.6.0, WSO2 Open Banking AM 1.4.0 up to 2.0.0 and WSO2 Open Banking KM 1.4.0, up to 2.0.0.
来源:美国国家漏洞数据库 NVD
CVSS信息
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
来源:美国国家漏洞数据库 NVD
漏洞类别
N/A
来源:美国国家漏洞数据库 NVD
漏洞标题
WSO2 API Manager 路径遍历漏洞
来源:中国国家信息安全漏洞库 CNNVD
漏洞描述信息
WSO2 API Manager是美国WSO2公司的一套API生命周期管理解决方案。 WSO2 API Manager 存在路径遍历漏洞,该漏洞允许无限制的文件上传和远程代码执行。
来源:中国国家信息安全漏洞库 CNNVD
CVSS信息
N/A
来源:中国国家信息安全漏洞库 CNNVD
漏洞类别
路径遍历
来源:中国国家信息安全漏洞库 CNNVD
二、漏洞 CVE-2022-29464 的公开POC
# POC 描述 源链接 神龙链接
1 WSO2 RCE (CVE-2022-29464) exploit and writeup. https://github.com/hakivvi/CVE-2022-29464 POC详情
2 None https://github.com/tufanturhan/wso2-rce-cve-2022-29464 POC详情
3 Pre-auth RCE bug CVE-2022-29464 https://github.com/mr-r3bot/WSO2-CVE-2022-29464 POC详情
4 cve-2022-29464 批量脚本 https://github.com/Lidong-io/cve-2022-29464 POC详情
5 WSO2 RCE (CVE-2022-29464) https://github.com/h3v0x/CVE-2022-29464 POC详情
6 Repository containing nse script for vulnerability CVE-2022-29464 known as WSO2 RCE. https://github.com/gpiechnik2/nmap-CVE-2022-29464 POC详情
7 None https://github.com/0xAgun/CVE-2022-29464 POC详情
8 😭 WSOB is a python tool created to exploit the new vulnerability on WSO2 assigned as CVE-2022-29464. https://github.com/oppsec/WSOB POC详情
9 None https://github.com/crypticdante/CVE-2022-29464 POC详情
10 None https://github.com/lowkey0808/cve-2022-29464 POC详情
11 CVE-2022-29464 POC exploit https://github.com/superzerosec/CVE-2022-29464 POC详情
12 1 https://github.com/axin2019/CVE-2022-29464 POC详情
13 cve-2022-29464 EXP https://github.com/LinJacck/CVE-2022-29464 POC详情
14 A bots loader for CVE-2022-29464 with multithreading https://github.com/Inplex-sys/CVE-2022-29464-loader POC详情
15 Python script to exploit CVE-2022-29464 (mass mode) https://github.com/Chocapikk/CVE-2022-29464 POC详情
16 CVE-2022-29464 PoC for WSO2 products https://github.com/jimidk/Better-CVE-2022-29464 POC详情
17 Mass Exploit for CVE 2022-29464 on Carbon https://github.com/electr0lulz/Mass-exploit-CVE-2022-29464 POC详情
18 Python script to exploit CVE-2022-29464 (mass mode) https://github.com/xinghonghaoyue/CVE-2022-29464 POC详情
19 CVE-2022-29464 Exploit https://github.com/Pasch0/WSO2RCE POC详情
20 None https://github.com/r4x0r1337/-CVE-2022-29464 POC详情
21 None https://github.com/amit-pathak009/CVE-2022-29464 POC详情
22 None https://github.com/amit-pathak009/CVE-2022-29464-mass POC详情
23 WSO2 Arbitrary File Upload to Remote Command Execution (RCE) https://github.com/hupe1980/CVE-2022-29464 POC详情
24 RCE exploit for WSO2 https://github.com/gbrsh/CVE-2022-29464 POC详情
25 None https://github.com/Jhonsonwannaa/CVE-2022-29464- POC详情
26 None https://github.com/devengpk/CVE-2022-29464 POC详情
27 Perform With Mass Exploits In WSO Management. https://github.com/ThatNotEasy/CVE-2022-29464 POC详情
28 A PoC and Exploit for CVE 2022-29464 https://github.com/Pushkarup/CVE-2022-29464 POC详情
29 SynixCyberCrimeMY CVE Exploiter By SamuraiMelayu1337 & ?/h4zzzzzz.scc https://github.com/SynixCyberCrimeMy/CVE-2022-29464 POC详情
30 WSO2 RCE (CVE-2022-29464) https://github.com/hev0x/CVE-2022-29464 POC详情
31 None https://github.com/H3xL00m/CVE-2022-29464 POC详情
32 None https://github.com/n3ov4n1sh/CVE-2022-29464 POC详情
33 None https://github.com/c0d3cr4f73r/CVE-2022-29464 POC详情
34 CVE-2022-29464 exploit script https://github.com/cc3305/CVE-2022-29464 POC详情
35 None https://github.com/Sp3c73rSh4d0w/CVE-2022-29464 POC详情
36 None https://github.com/0xwh1pl4sh/CVE-2022-29464 POC详情
37 None https://github.com/N3rdyN3xus/CVE-2022-29464 POC详情
38 None https://github.com/NyxByt3/CVE-2022-29464 POC详情
39 None https://github.com/h3xcr4ck3r/CVE-2022-29464 POC详情
40 None https://github.com/mpvx/CVE-2022-29464 POC详情
41 None https://github.com/n3rdh4x0r/CVE-2022-29464 POC详情
42 Python script to exploit CVE-2022-29464 (mass mode) https://github.com/g0dxing/CVE-2022-29464 POC详情
43 None https://github.com/c1ph3rbyt3/CVE-2022-29464 POC详情
44 Mass Exploit for CVE 2022-29464 on Carbon https://github.com/hxlxmj/Mass-exploit-CVE-2022-29464 POC详情
45 😭 WSOB is a python tool created to exploit the new vulnerability on WSO2 assigned as CVE-2022-29464. https://github.com/000pp/WSOB POC详情
46 Certain WSO2 products allow unrestricted file upload with resultant remote code execution. This affects WSO2 API Manager 2.2.0 and above through 4.0.0; WSO2 Identity Server 5.2.0 and above through 5.11.0; WSO2 Identity Server Analytics 5.4.0, 5.4.1, 5.5.0, and 5.6.0; WSO2 Identity Server as Key Manager 5.3.0 and above through 5.10.0; and WSO2 Enterprise Integrator 6.2.0 and above through 6.6.0. https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2022/CVE-2022-29464.yaml POC详情
47 None https://github.com/Threekiii/Awesome-POC/blob/master/Web%E5%BA%94%E7%94%A8%E6%BC%8F%E6%B4%9E/WSO2%20fileupload%20%E4%BB%BB%E6%84%8F%E6%96%87%E4%BB%B6%E4%B8%8A%E4%BC%A0%E6%BC%8F%E6%B4%9E%20CVE-2022-29464.md POC详情
三、漏洞 CVE-2022-29464 的情报信息