by vicarius
log in join community
by @khurram.arif
24 Dec 2022
#cve_analysis

Write a blog analysis for a CVE

publish

WSO2 RCE (CVE-2022-29464)

by @khurram.arif
by @khurram.arif
24 Dec 2022
#cve_analysis

Write a blog analysis for a CVE

publish

WSO2 RCE (CVE-2022-29464)

CVEs

CVE-2022-29464
9.8 Critical Severity

Apps

IS
Identity ServerWSO2
5.11.0.329.*
6.1.0.128.*
6.1.0.136.*
6.0.0.179.*
5.10.0.300.*
7.1.0.28.*
*.*
6.0.0.171.*
5.4.0.*
5.7.0.*
AM
API ManagerWSO2
3.2.1.73.*
4.0.0.370.*
4.1.0.233.*
4.0.0.355.*
4.2.0.182.*
4.2.0.176.*
3.2.1.52.*
4.1.0.218.*
4.5.0.38.*
4.1.0.242.*
EI
Enterprise IntegratorWSO2
6.6.0.224.*
6.6.0.222.*
6.5.0.102.*
6.5.0.107.*
6.6.0.198.*
6.4.0.96.*
6.4.0.100.*
6.2.0.62.*
6.3.0.69.*
6.2.0.61.*
ISA
Identity Server AS Key ManagerWSO2
5.10.0.296.*
*.*
1.10.0.*
5.4.0.*
5.7.0.*
5.8.0.*
5.2.0.*
5.3.0.*
5.6.0.*
1.9.0.*
ISA
Identity Server AnalyticsWSO2
*.*
5.4.0.Alpha
5.4.0.Update4
5.4.0.Update1
5.4.0.*
5.4.0.-
5.4.0.Beta
5.7.0.Alpha
5.7.0.Beta
5.7.0.BETA4

Screenshots from the blog posts

blog-posts/images/clc1myb3r2awp0jmhext62z2d.jpegblog-posts/images/clc1myb3r2awp0jmhext62z2d.jpeg

Summary

Vulnerability CVE-2022-29464 being used in the wild to exploit arbitrary remote code execution through unfettered file uploads (RCE).

Description

Tags

#CVE-2022-29464#vicarius_blog#1#2
users/photos/cl9u4ikuuft0d0llg3b78egln.png

@khurram.arif

11 posts

Total vcoins

0

Comments (0)