NOMISEC-amit-pathak009/CVE-2022-29464

NOMISEC WORKING POC

Exploit for CVE-2022-29464 - WSO2 Arbitrary File Upload to RCE

AI Analysis

This repository contains a working exploit for CVE-2022-29464, an unauthenticated arbitrary file upload vulnerability in WSO2 servers leading to RCE. The exploit leverages the unprotected `/fileupload` endpoint to upload malicious JSP files.

Attack Type

RCE

Complexity

trivial

Reliability

reliable

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1210 - Exploitation of Remote Services

Loading exploit code...

Download ZIP Password: eip

Source

Platform Nomisec

Type poc

Files 2

https://github.com/amit-pathak009/CVE-2022-29464

Stars 0

Forks 1

Last Push May 19, 2022

Authors

amit-pathak009 Amit Pathak

Vulnerability

CVE-2022-29464

WSO2 Arbitrary File Upload to RCE

CRITICAL KEV

CVSS 9.8