# N/A
## Vulnerability overview
Certain WSO2 products allow unrestricted file upload, leading to remote code execution. The attacker needs to use the /fileupload endpoint with a directory traversal sequence in the Content-Disposition header in order to reach a directory under the web root (for example ../../../repository/deployment/server/webapps).
## Affected versions
- WSO2 API Manager 2.2.0 through 4.0.0
- WSO2 Identity Server 5.2.0 through 5.11.0
- WSO2 Identity Server Analytics 5.4.0, 5.4.1, 5.5.0, 5.6.0
- WSO2 Identity Server as Key Manager 5.3.0 through 5.11.0
- WSO2 Enterprise Integrator 6.2.0 through 6.6.0
- WSO2 Open Banking AM 1.4.0 through 2.0.0
- WSO2 Open Banking KM 1.4.0 through 2.0.0
## Details
By exploiting this vulnerability, an attacker uploads malicious files that can be placed into a chosen directory under the web root (for example, by using a directory traversal sequence contained in the Content-Disposition header). The attacker can then execute arbitrary code on the target server, which poses a severe security risk.
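The overview and details sections both describe the same mechanism: a traversal sequence in the multipart Content-Disposition filename that makes the /fileupload handler write outside its intended directory. The following is an added example (not code from this page or from WSO2) showing, on the defender's side, how to detect such a request and how to neutralise the filename before writing; UPLOAD_ROOT is a hypothetical upload directory and both request bodies are constructed samples.

```python
import posixpath
import re

# Hypothetical directory the /fileupload handler is meant to write into (not a real WSO2 path).
UPLOAD_ROOT = "/opt/wso2/tmp/uploads"

# Matches the filename parameter of a multipart Content-Disposition part header.
CD_FILENAME_RE = re.compile(
    r'Content-Disposition:\s*form-data;[^\r\n]*?filename="([^"\r\n]*)"', re.IGNORECASE
)

def extract_filenames(body: str) -> list[str]:
    """Return every filename= value found in the multipart body."""
    return CD_FILENAME_RE.findall(body)

def escapes_root(root: str, filename: str) -> bool:
    """True if root/filename, after normalisation, resolves outside root."""
    name = filename.replace("\\", "/")  # treat backslashes as separators too
    if name.startswith("/"):
        return True  # an absolute path is never an acceptable upload name
    target = posixpath.normpath(posixpath.join(root, name))
    return not (target == root or target.startswith(root + "/"))

def inspect_upload(request_path: str, body: str) -> list[str]:
    """Detection: filenames in a /fileupload request that would leave UPLOAD_ROOT."""
    if not request_path.startswith("/fileupload"):
        return []
    return [n for n in extract_filenames(body) if escapes_root(UPLOAD_ROOT, n)]

def safe_filename(filename: str) -> str:
    """Mitigation: keep only the final path component; never honour directories."""
    name = posixpath.basename(filename.replace("\\", "/"))
    return name if name not in ("", ".", "..") else "upload.bin"

# Constructed sample multipart parts (not captured traffic).
BENIGN = (
    'Content-Disposition: form-data; name="file"; filename="report.txt"\r\n'
    'Content-Type: text/plain\r\n\r\nhello\r\n'
)
TRAVERSAL = (
    'Content-Disposition: form-data; name="file"; '
    'filename="../../../repository/deployment/server/webapps/sample.txt"\r\n'
    'Content-Type: text/plain\r\n\r\nhello\r\n'
)

if __name__ == "__main__":
    print(inspect_upload("/fileupload", BENIGN))     # []
    print(inspect_upload("/fileupload", TRAVERSAL))  # one flagged filename
    print(safe_filename("../../../etc/sample.txt"))  # sample.txt
```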
## Impact
Through this vulnerability an attacker can execute arbitrary code on the affected system, which may lead to complete compromise, including but not limited to data leakage, system damage, or further malicious activity.
| # | POC description | Source link | Shenlong link |
|---|---|---|---|
| 1 | WSO2 RCE (CVE-2022-29464) exploit and writeup. | https://github.com/hakivvi/CVE-2022-29464 | POC details |
| 2 | None | https://github.com/tufanturhan/wso2-rce-cve-2022-29464 | POC details |
| 3 | Pre-auth RCE bug CVE-2022-29464 | https://github.com/mr-r3bot/WSO2-CVE-2022-29464 | POC details |
| 4 | cve-2022-29464 batch script | https://github.com/Lidong-io/cve-2022-29464 | POC details |
| 5 | WSO2 RCE (CVE-2022-29464) | https://github.com/h3v0x/CVE-2022-29464 | POC details |
| 6 | Repository containing nse script for vulnerability CVE-2022-29464 known as WSO2 RCE. | https://github.com/gpiechnik2/nmap-CVE-2022-29464 | POC details |
| 7 | None | https://github.com/0xAgun/CVE-2022-29464 | POC details |
| 8 | 😭 WSOB is a python tool created to exploit the new vulnerability on WSO2 assigned as CVE-2022-29464. | https://github.com/oppsec/WSOB | POC details |
| 9 | None | https://github.com/crypticdante/CVE-2022-29464 | POC details |
| 10 | None | https://github.com/lowkey0808/cve-2022-29464 | POC details |
| 11 | CVE-2022-29464 POC exploit | https://github.com/superzerosec/CVE-2022-29464 | POC details |
| 12 | 1 | https://github.com/axin2019/CVE-2022-29464 | POC details |
| 13 | cve-2022-29464 EXP | https://github.com/LinJacck/CVE-2022-29464 | POC details |
| 14 | A bots loader for CVE-2022-29464 with multithreading | https://github.com/Inplex-sys/CVE-2022-29464-loader | POC details |
| 15 | Python script to exploit CVE-2022-29464 (mass mode) | https://github.com/Chocapikk/CVE-2022-29464 | POC details |
| 16 | CVE-2022-29464 PoC for WSO2 products | https://github.com/jimidk/Better-CVE-2022-29464 | POC details |
| 17 | Mass Exploit for CVE 2022-29464 on Carbon | https://github.com/electr0lulz/Mass-exploit-CVE-2022-29464 | POC details |
| 18 | Python script to exploit CVE-2022-29464 (mass mode) | https://github.com/xinghonghaoyue/CVE-2022-29464 | POC details |
| 19 | CVE-2022-29464 Exploit | https://github.com/Pasch0/WSO2RCE | POC details |
| 20 | None | https://github.com/r4x0r1337/-CVE-2022-29464 | POC details |
| 21 | None | https://github.com/amit-pathak009/CVE-2022-29464 | POC details |
| 22 | None | https://github.com/amit-pathak009/CVE-2022-29464-mass | POC details |
| 23 | WSO2 Arbitrary File Upload to Remote Command Execution (RCE) | https://github.com/hupe1980/CVE-2022-29464 | POC details |
| 24 | RCE exploit for WSO2 | https://github.com/gbrsh/CVE-2022-29464 | POC details |
| 25 | None | https://github.com/Jhonsonwannaa/CVE-2022-29464- | POC details |
| 26 | None | https://github.com/devengpk/CVE-2022-29464 | POC details |
| 27 | Perform With Mass Exploits In WSO Management. | https://github.com/ThatNotEasy/CVE-2022-29464 | POC details |
| 28 | A PoC and Exploit for CVE 2022-29464 | https://github.com/Pushkarup/CVE-2022-29464 | POC details |
| 29 | SynixCyberCrimeMY CVE Exploiter By SamuraiMelayu1337 & ?/h4zzzzzz.scc | https://github.com/SynixCyberCrimeMy/CVE-2022-29464 | POC details |
| 30 | WSO2 RCE (CVE-2022-29464) | https://github.com/hev0x/CVE-2022-29464 | POC details |
| 31 | None | https://github.com/H3xL00m/CVE-2022-29464 | POC details |
| 32 | None | https://github.com/n3ov4n1sh/CVE-2022-29464 | POC details |
| 33 | None | https://github.com/c0d3cr4f73r/CVE-2022-29464 | POC details |
| 34 | CVE-2022-29464 exploit script | https://github.com/cc3305/CVE-2022-29464 | POC details |
| 35 | None | https://github.com/Sp3c73rSh4d0w/CVE-2022-29464 | POC details |
| 36 | None | https://github.com/0xwh1pl4sh/CVE-2022-29464 | POC details |
| 37 | None | https://github.com/N3rdyN3xus/CVE-2022-29464 | POC details |
| 38 | None | https://github.com/NyxByt3/CVE-2022-29464 | POC details |
| 39 | None | https://github.com/h3xcr4ck3r/CVE-2022-29464 | POC details |
| 40 | None | https://github.com/mpvx/CVE-2022-29464 | POC details |
| 41 | None | https://github.com/n3rdh4x0r/CVE-2022-29464 | POC details |
| 42 | Python script to exploit CVE-2022-29464 (mass mode) | https://github.com/g0dxing/CVE-2022-29464 | POC details |
| 43 | None | https://github.com/c1ph3rbyt3/CVE-2022-29464 | POC details |
| 44 | Mass Exploit for CVE 2022-29464 on Carbon | https://github.com/hxlxmj/Mass-exploit-CVE-2022-29464 | POC details |
| 45 | 😭 WSOB is a python tool created to exploit the new vulnerability on WSO2 assigned as CVE-2022-29464. | https://github.com/000pp/WSOB | POC details |
| 46 | Certain WSO2 products allow unrestricted file upload with resultant remote code execution. This affects WSO2 API Manager 2.2.0 and above through 4.0.0; WSO2 Identity Server 5.2.0 and above through 5.11.0; WSO2 Identity Server Analytics 5.4.0, 5.4.1, 5.5.0, and 5.6.0; WSO2 Identity Server as Key Manager 5.3.0 and above through 5.10.0; and WSO2 Enterprise Integrator 6.2.0 and above through 6.6.0. | https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2022/CVE-2022-29464.yaml | POC details |
| 47 | None | https://github.com/Threekiii/Awesome-POC/blob/master/Web%E5%BA%94%E7%94%A8%E6%BC%8F%E6%B4%9E/WSO2%20fileupload%20%E4%BB%BB%E6%84%8F%E6%96%87%E4%BB%B6%E4%B8%8A%E4%BC%A0%E6%BC%8F%E6%B4%9E%20CVE-2022-29464.md | POC details |
| 48 | None | https://github.com/h3x0v3rl0rd/CVE-2022-29464 | POC details |
| 49 | A bots loader for CVE-2022-29464 with multithreading | https://github.com/SystemVll/CVE-2022-29464-loader | POC details |