Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2022-47986 PoC — IBM Aspera Faspex 代码问题漏洞

Source
https://github.com/ohnonoyesyes/CVE-2022-47986
Associated Vulnerability
Title:IBM Aspera Faspex 代码问题漏洞 (CVE-2022-47986)
Description:IBM Aspera是美国国际商业机器(IBM)公司的一套基于IBM FASP协议构建的快速文件传输和流解决方案。 IBM Aspera Faspex 4.4.2 Patch Level 1版本及之前版本存在代码问题漏洞,该漏洞源于YAML反序列化缺陷。攻击者利用该漏洞在系统上执行任意代码。
Description
Aspera Faspex Pre Auth RCE
Readme
# CVE-2022-47986
Aspera Faspex Pre Auth RCE

https://blog.assetnote.io/2023/02/02/pre-auth-rce-aspera-faspex/

Poc Usage:

```
python3 poc.py https://xxxxx whoami
```
File Snapshot

 [4.0K]  /data/pocs/5f3fdca10883ec94bfa34654f51157963cd87a35
├── [1.5K]  poc.py
└── [ 167]  README.md

0 directories, 2 files
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).
    3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.