by vicarius
log in join community
by @khurram.arif
24 Dec 2022
#cve_analysis

Write a blog analysis for a CVE

publish

WSO2 RCE (CVE-2022-29464)

by @khurram.arif
by @khurram.arif
24 Dec 2022
#cve_analysis

Write a blog analysis for a CVE

publish

WSO2 RCE (CVE-2022-29464)

CVEs

CVE-2022-29464
9.8 Critical Severity

Apps

IS
Identity ServerWSO2
*.*
5.4.0.*
5.7.0.*
5.10.0.*
5.2.0.*
5.9.0.*
5.3.0.*
5.6.0.*
5.1.0.*
5.5.0.*
AM
API ManagerWSO2
*.*
1.10.0.*
4.2.0.Alpha
4.2.0.M1
4.2.0.RC
4.2.0.Beta
4.2.0.RC2
4.2.0.-
1.9.0.*
1.7.0.*
EI
Enterprise IntegratorWSO2
*.*
6.2.0.*
6.3.0.*
6.1.1.*
6.6.0.*
ISA
Identity Server AS Key ManagerWSO2
*.*
1.10.0.*
5.4.0.*
5.7.0.*
5.8.0.*
5.2.0.*
5.3.0.*
5.6.0.*
1.9.0.*
5.1.0.*
ISA
Identity Server AnalyticsWSO2
*.*
5.4.0.*
5.5.0.*
5.4.1.*
-.*

Screenshots from the blog posts

blog-posts/images/clc1myb3r2awp0jmhext62z2d.jpegblog-posts/images/clc1myb3r2awp0jmhext62z2d.jpeg

Summary

Vulnerability CVE-2022-29464 being used in the wild to exploit arbitrary remote code execution through unfettered file uploads (RCE).

Description

Tags

#CVE-2022-29464#vicarius_blog#1#2
users/photos/cl9u4ikuuft0d0llg3b78egln.png

@khurram.arif

11 posts

Total vcoins

11.3K

Comments (0)