来源

关联漏洞

描述

 Repository containing nse script for vulnerability CVE-2022-29464 known as WSO2 RCE.

介绍

# nmap-CVE-2022-29464
nmap-CVE-2022-29464 is an NSE script for detecting CVE-2022-29464 vulnerability. Unauthorized and unrestricted arbitrary file transfer vulnerability that allows unauthenticated attackers to obtain RCEs on WSO2 servers by sending malicious JSP files.

## Vulnerability
See good writeup and PoC [here](https://github.com/hakivvi/CVE-2022-29464).

## Usage
```
┌──(kali㉿kali)-[~/nmap-CVE-2022-29464]
└─$ nmap 127.0.0.1 --script=./nmap-CVE-2022-29464.nse
(...)
PORT   STATE SERVICE
80/tcp open  http
| nmap-CVE-2022-29464:
|   VULNERABLE:
|   CVE-2022-29464
|     State: LIKELY VULNERABLE
|     IDs:  CVE:CVE-2022-29464
|     Check results:
|       127.0.0.1:8080/authenticationendpoint/shell.jsp
|     References:
|_      https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29464
```

## Arguments
We can use several variables in the script. These are as follows:
- `path` - relative url. On `https://bugspace.pl/fileupload/toolsAny` it will be `/fileupload/toolsAny`. The default path is `/fileupload/toolsAny`,
- `filename` - file name on the server. The default name is `shell.jsp`.

# Tests
Soon

## License
Same as Nmap. See https://nmap.org/book/man-legal.html

文件快照

 [4.0K]  /data/pocs/590a986ebdc9a1b6362bd55299b66eebc8fa5a2e
├── [4.2K]  nmap-CVE-2022-29464.nse
└── [1.2K]  README.md

0 directories, 2 files

备注