CVE-2022-24816

Tags: CRITICAL, KEV, NUCLEI

Geosolutionsgroup Jai-ext < 1.1.22 - Code Injection

Title source: rule

Description

JAI-EXT is an open-source project which aims to extend the Java Advanced Imaging (JAI) API. Programs that accept a Jiffle script supplied via a network request are exposed to Remote Code Execution, because the Jiffle script is compiled into Java code via Janino and then executed. In particular, this affects the downstream GeoServer project. Version 1.1.22 contains a patch that disables the ability to inject code into the generated Java script. Users unable to upgrade can remove the ability to compile Jiffle scripts from the final application by removing janino-x.y.z.jar from the classpath (CWE-94, code injection).
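The two actionable facts above are the fixed version (jt-jiffle and jt-jiffle-language below 1.1.22 are affected) and the stop-gap of removing the Janino jar so that Jiffle scripts can no longer be compiled. The following script is an added example, not code from the jai-ext or GeoServer projects, that turns both into a classpath check: it reads either jar file names (as found in a GeoServer WEB-INF/lib directory) or `mvn dependency:tree` output lines and reports whether a vulnerable Jiffle is present and whether Janino is still on the classpath. The input shapes and the sample listings are constructed for illustration.

```python
"""Assess a JAI-EXT / GeoServer classpath for CVE-2022-24816 exposure.

Added example (not project code). Encodes the advisory's two facts:
  - jt-jiffle and jt-jiffle-language < 1.1.22 are affected;
  - without a Janino jar on the classpath Jiffle scripts cannot be compiled,
    which is the advisory's mitigation for those who cannot upgrade.
Input formats (jar file names, `mvn dependency:tree` lines) are assumptions.
"""
import re
from dataclasses import dataclass, field

FIXED = (1, 1, 22)
AFFECTED_ARTIFACTS = ("jt-jiffle", "jt-jiffle-language")
MAVEN_GROUP = "it.geosolutions.jaiext.jiffle"

# jt-jiffle-language-1.1.20.jar -> artifact "jt-jiffle-language", version "1.1.20"
JAR_RE = re.compile(r"^(?P<artifact>[A-Za-z][\w-]*?)-(?P<ver>\d+\.\d+\.\d+)[^/]*\.jar$")
# "[INFO] +- it.geosolutions.jaiext.jiffle:jt-jiffle:jar:1.1.22:compile"
MAVEN_RE = re.compile(r"(?P<group>[\w.]+):(?P<artifact>[\w-]+):jar:(?P<ver>\d+\.\d+\.\d+)")


def parse_version(text):
    """Return the leading x.y.z of a version string as an int tuple, else None."""
    m = re.match(r"(\d+)\.(\d+)\.(\d+)", text)
    return tuple(int(x) for x in m.groups()) if m else None


@dataclass
class Assessment:
    jiffle_versions: dict = field(default_factory=dict)  # artifact -> version tuple
    janino_present: bool = False

    @property
    def vulnerable_artifacts(self):
        return sorted(a for a, v in self.jiffle_versions.items() if v < FIXED)

    @property
    def exploitable(self):
        # Vulnerable Jiffle AND a compiler for it: scripts can be compiled and run.
        return bool(self.vulnerable_artifacts) and self.janino_present

    def verdict(self):
        if not self.jiffle_versions:
            return "no jt-jiffle artifacts found"
        if not self.vulnerable_artifacts:
            return "patched: all jt-jiffle artifacts >= 1.1.22"
        names = ", ".join(self.vulnerable_artifacts)
        if self.janino_present:
            return f"VULNERABLE: {names} < 1.1.22 with Janino on the classpath"
        return f"mitigated: {names} < 1.1.22 but Janino removed (upgrade still recommended)"


def assess_jars(jar_names):
    """Assess a list of jar file names, e.g. from a GeoServer WEB-INF/lib listing."""
    result = Assessment()
    for name in jar_names:
        base = name.rsplit("/", 1)[-1]
        if base.startswith("janino"):
            result.janino_present = True
        m = JAR_RE.match(base)
        if m and m.group("artifact") in AFFECTED_ARTIFACTS:
            result.jiffle_versions[m.group("artifact")] = parse_version(m.group("ver"))
    return result


def assess_maven_tree(lines):
    """Assess `mvn dependency:tree` output lines."""
    result = Assessment()
    for line in lines:
        m = MAVEN_RE.search(line)
        if not m:
            continue
        if m.group("artifact") == "janino":
            result.janino_present = True
        if m.group("group") == MAVEN_GROUP and m.group("artifact") in AFFECTED_ARTIFACTS:
            result.jiffle_versions[m.group("artifact")] = parse_version(m.group("ver"))
    return result


# Constructed sample inputs (not taken from any real deployment).
SAMPLE_LIB = [
    "gt-main-27.0.jar",
    "jt-jiffle-1.1.20.jar",
    "jt-jiffle-language-1.1.20.jar",
    "janino-3.1.6.jar",
    "commons-compiler-3.1.6.jar",
]
SAMPLE_MVN = [
    "[INFO] +- it.geosolutions.jaiext.jiffle:jt-jiffle:jar:1.1.22:compile",
    "[INFO] |  \\- it.geosolutions.jaiext.jiffle:jt-jiffle-language:jar:1.1.22:compile",
    "[INFO] +- org.codehaus.janino:janino:jar:3.1.6:compile",
]

if __name__ == "__main__":
    print("WEB-INF/lib :", assess_jars(SAMPLE_LIB).verdict())
    print("maven tree  :", assess_maven_tree(SAMPLE_MVN).verdict())
    # Same vulnerable jars with the Janino jar removed = advisory's stop-gap.
    print("mitigated   :", assess_jars([j for j in SAMPLE_LIB if not j.startswith("janino")]).verdict())
```

Run it against `ls WEB-INF/lib` output or a saved `mvn dependency:tree` to get a verdict per deployment; the "mitigated" state is only a stop-gap, since other code on the classpath may still pull in a Janino-compatible compiler, so the upgrade to 1.1.22 remains the fix.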

Exploits (1)

Source: nomisec · Working PoC · 1 star
by c1ph3rbyt3 · remote
https://github.com/c1ph3rbyt3/CVE-2022-24816

Nuclei Templates (1)

GeoServer <1.2.2 - Remote Code Execution
CRITICAL · VERIFIED · by mukundbhuva
Shodan: /geoserver/
FOFA: app="GeoServer" || app="geoserver"

Scores

CVSS v3 10.0
EPSS 0.9371
EPSS Percentile 99.9%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

Details

CISA KEV 2024-06-26
VulnCheck KEV 2024-01-22
InTheWild.io 2024-06-26
ENISA EUVD EUVD-2023-2600
CWE
CWE-94
Status published
Products (3)
geosolutionsgroup/jai-ext < 1.1.22
it.geosolutions.jaiext.jiffle/jt-jiffle 0 - 1.1.22 (Maven)
it.geosolutions.jaiext.jiffle/jt-jiffle-language 0 - 1.1.22 (Maven)
Published Apr 13, 2022
KEV Added Jun 26, 2024
Tracked Since Feb 18, 2026