nomisec
WORKING POC
377 stars
by hakivvi · remote
https://github.com/hakivvi/CVE-2022-29464
This repository contains a working exploit for CVE-2022-29464, an unauthenticated arbitrary file upload vulnerability in WSO2 servers leading to RCE via malicious JSP file uploads. The exploit leverages the unprotected `/fileupload` endpoint and detailed analysis of the vulnerability is provided.
Classification
Working Poc 95%
Target:
WSO2 Carbon-based products
No auth needed
Prerequisites:
Network access to the target WSO2 server · Vulnerable version of WSO2 with exposed `/fileupload` endpoint
nomisec
WORKING POC
27 stars
by 0xdsm · poc
https://github.com/0xdsm/WSOB
This repository contains a Python-based exploit for CVE-2022-29464, which targets a file upload vulnerability in WSO2 products. The exploit uploads a JSP webshell to achieve remote code execution via directory traversal.
Classification
Working Poc 95%
Target:
WSO2 API Manager 2.2.0-4.0.0, WSO2 Identity Server 5.2.0-5.11.0, WSO2 Identity Server Analytics 5.4.0-5.6.0, WSO2 Identity Server as Key Manager 5.3.0-5.10.0, WSO2 Enterprise Integrator 6.2.0-6.6.0
No auth needed
Prerequisites:
Network access to the target WSO2 instance · File upload endpoint exposed
nomisec
WORKING POC
11 stars
by SystemVll · poc
https://github.com/SystemVll/CVE-2022-29464
This PoC exploits CVE-2022-29464, a file upload vulnerability in WSO2 products, to deploy a JSP webshell for remote command execution. It automates the attack by reading a list of vulnerable hosts and executing a specified command.
Classification
Working Poc 95%
Target:
WSO2 products (e.g., API Manager, Identity Server)
No auth needed
Prerequisites:
List of vulnerable WSO2 server URLs · Network access to target servers
nomisec
WORKING POC
8 stars
by ThatNotEasy · remote
https://github.com/ThatNotEasy/CVE-2022-29464
This repository contains a Python-based exploit for CVE-2022-29464, a critical file upload vulnerability in WSO2 Identity Server. The exploit bypasses file extension validation to upload a malicious JSP file, enabling remote code execution with administrative privileges.
Classification
Working Poc 95%
Target:
WSO2 Identity Server (versions affected by CVE-2022-29464)
No auth needed
Prerequisites:
Network access to the target WSO2 Identity Server · A JSP shell file named 'shell.jsp' in a 'Files' directory
nomisec
WORKING POC
7 stars
by gbrsh · remote
https://github.com/gbrsh/CVE-2022-29464
This is a functional exploit for CVE-2022-29464, which achieves remote code execution by uploading a malicious JSP file to vulnerable WSO2 products via an arbitrary file upload vulnerability. The exploit then interacts with the uploaded JSP to execute system commands.
Classification
Working Poc 95%
Target:
WSO2 API Manager 2.2.0-4.0.0, WSO2 Identity Server 5.2.0-5.11.0, and other WSO2 products
No auth needed
Prerequisites:
Network access to the target server · Vulnerable WSO2 product exposed
nomisec
WORKING POC
5 stars
by hev0x · poc
https://github.com/hev0x/CVE-2022-29464
This exploit targets CVE-2022-29464, a remote code execution vulnerability in WSO2 products. It uploads a malicious JSP file to a vulnerable endpoint and executes commands via a webshell.
Classification
Working Poc 95%
Target:
WSO2 products (specific version not specified)
No auth needed
Prerequisites:
Vulnerable WSO2 instance · Network access to the target
nomisec
WORKING POC
5 stars
by Lidong-io · poc
https://github.com/Lidong-io/cve-2022-29464
This PoC exploits CVE-2022-29464, a file upload vulnerability in WSO2 products, to achieve remote code execution by uploading a malicious JSP webshell. The script supports both single-target and batch exploitation with multithreading.
Classification
Working Poc 95%
Target:
WSO2 products (e.g., API Manager, Identity Server)
No auth needed
Prerequisites:
Target URL or list of URLs · Network access to vulnerable WSO2 instance
nomisec
WORKING POC
4 stars
by jimidk · poc
https://github.com/jimidk/Better-CVE-2022-29464
This repository contains a Python-based exploit for CVE-2022-29464, which leverages an unrestricted file upload vulnerability in WSO2 products to achieve remote code execution. The exploit uploads a JSP shell to a traversed directory under the web root, allowing command execution with superuser privileges.
Classification
Working Poc 95%
Target:
WSO2 API Manager, Identity Server, Identity Server Analytics, Identity Server as Key Manager, Enterprise Integrator
No auth needed
Prerequisites:
Vulnerable WSO2 product with exposed /fileupload endpoint · Network access to the target server
nomisec
WORKING POC
4 stars
by r4x0r1337 · remote
https://github.com/r4x0r1337/-CVE-2022-29464
This PoC exploits CVE-2022-29464, a path traversal vulnerability in WSO2 products, to upload a malicious JSP file for remote code execution. The scripts `deface.py` and `shell.py` demonstrate file upload to a vulnerable endpoint, with `shell.py` containing a JSP-based command execution payload.
Classification
Working Poc 90%
Target:
WSO2 products (e.g., API Manager, Identity Server)
No auth needed
Prerequisites:
Network access to the vulnerable WSO2 instance · Vulnerable endpoint `/fileupload/toolsAny` exposed
nomisec
SCANNER
3 stars
by gpiechnik2 · poc
https://github.com/gpiechnik2/nmap-CVE-2022-29464
This repository contains an NSE script for detecting CVE-2022-29464, an unauthorized arbitrary file transfer vulnerability in WSO2 servers. The script checks for the presence of a malicious JSP file upload endpoint.
Classification
Scanner 90%
Target:
WSO2 servers
No auth needed
Prerequisites:
Nmap with NSE support · Network access to target server
nomisec
WORKING POC
3 stars
by Chocapikk · poc
https://github.com/Chocapikk/CVE-2022-29464
This repository contains a functional exploit for CVE-2022-29464, a pre-authentication RCE vulnerability in WSO2 Carbon Server. The exploit uploads malicious JSP files to achieve remote code execution via a webshell and reverse shell.
Classification
Working Poc 95%
Target:
WSO2 Carbon Server
No auth needed
Prerequisites:
Target server running vulnerable WSO2 Carbon Server · Network access to the target server
nomisec
WORKING POC
3 stars
by hupe1980 · remote
https://github.com/hupe1980/CVE-2022-29464
This exploit leverages an arbitrary file upload vulnerability in WSO2 to deploy a JSP shell, enabling remote command execution. The PoC uploads a malicious JSP file to a predictable path and provides a web interface for command execution.
Classification
Working Poc 100%
Target:
WSO2 (specific versions affected by CVE-2022-29464)
No auth needed
Prerequisites:
Network access to the WSO2 management interface · File upload endpoint accessible
nomisec
WORKING POC
2 stars
by mr-r3bot · poc
https://github.com/mr-r3bot/WSO2-CVE-2022-29464
This exploit PoC for CVE-2022-29464 targets WSO2 Carbon Server by uploading a malicious JSP file to achieve remote code execution. The script sends a POST request to a vulnerable endpoint to deploy the webshell.
Classification
Working Poc 95%
Target:
WSO2 Carbon Server
No auth needed
Prerequisites:
Network access to the target server · Vulnerable WSO2 Carbon Server instance
nomisec
WORKING POC
2 stars
by superzerosec · remote
https://github.com/superzerosec/CVE-2022-29464
This PoC exploits CVE-2022-29464, a path traversal vulnerability in WSO2 products, to upload a JSP webshell. The exploit checks for vulnerability by attempting to upload a file and then deploys a malicious JSP shell if successful.
Classification
Working Poc 95%
Target:
WSO2 products (e.g., WSO2 API Manager, WSO2 Identity Server)
No auth needed
Prerequisites:
Network access to the target WSO2 instance · File upload endpoint exposed
nomisec
WORKING POC
2 stars
by tufanturhan · poc
https://github.com/tufanturhan/wso2-rce-cve-2022-29464
This repository contains a working PoC for CVE-2022-29464, an unauthenticated arbitrary file upload vulnerability in WSO2 servers. The exploit leverages the `/fileupload` endpoint to upload malicious JSP files, leading to remote code execution.
Classification
Working Poc 95%
Target:
WSO2 Carbon-based products (versions affected by CVE-2022-29464)
No auth needed
Prerequisites:
Network access to the target WSO2 server · Vulnerable `/fileupload` endpoint exposed
nomisec
WORKING POC
1 star
by LinJacck · remote
https://github.com/LinJacck/CVE-2022-29464
This PoC exploits CVE-2022-29464, an arbitrary file upload vulnerability in WSO2 products, allowing attackers to upload a JSP webshell for remote code execution. The script includes functionality to check for vulnerability, upload a custom webshell, or upload arbitrary files.
Classification
Working Poc 95%
Target:
WSO2 products (e.g., API Manager, Identity Server)
No auth needed
Prerequisites:
Network access to the target WSO2 instance · File upload endpoint exposed
nomisec
WORKING POC
1 star
by Pasch0 · remote
https://github.com/Pasch0/WSO2RCE
This repository contains a functional exploit for CVE-2022-29464, which allows arbitrary file upload and remote code execution in vulnerable WSO2 products. The exploit uploads a JSP shell to the target server and provides a web interface for command execution.
Classification
Working Poc 95%
Target:
WSO2 API Manager, WSO2 Identity Server, WSO2 Open Banking, and other WSO2 products
No auth needed
Prerequisites:
Network access to the target WSO2 instance · Vulnerable version of WSO2 product
nomisec
WORKING POC
1 star
by 0xAgun · poc
https://github.com/0xAgun/CVE-2022-29464
This exploit targets CVE-2022-29464, a path traversal vulnerability in WSO2 products, to upload a malicious JSP file for remote code execution. It automates the attack against multiple targets listed in an input file.
Classification
Working Poc 95%
Target:
WSO2 products (e.g., API Manager, Identity Server)
No auth needed
Prerequisites:
List of target URLs · Network access to vulnerable WSO2 instance
nomisec
WORKING POC
1 star
by Pushkarup · remote
https://github.com/Pushkarup/CVE-2022-29464
This repository contains a Python-based exploit for CVE-2022-29464, an unauthenticated arbitrary file upload vulnerability in WSO2 servers leading to RCE. The PoC includes single and mass scanning capabilities with threading support.
Classification
Working Poc 95%
Target:
WSO2 Identity Server (multiple versions)
No auth needed
Prerequisites:
Python 3.x · requests library · target URL(s)
nomisec
WORKING POC
1 star
by amit-pathak009 · poc
https://github.com/amit-pathak009/CVE-2022-29464-mass
This is a working exploit for CVE-2022-29464, a pre-auth RCE vulnerability in WSO2 Carbon Server. It uploads a JSP webshell to a vulnerable endpoint and provides a URL to access it.
Classification
Working Poc 95%
Target:
WSO2 Carbon Server
No auth needed
Prerequisites:
Target must be a vulnerable WSO2 Carbon Server instance · Network access to the target
nomisec
WORKING POC
1 star
by axin2019 · remote
https://github.com/axin2019/CVE-2022-29464
This repository contains a Python-based proof-of-concept exploit for CVE-2022-29464, which targets a file upload vulnerability in WSO2 products. The exploit uploads a malicious JSP file to achieve remote code execution (RCE) by leveraging a path traversal technique.
Classification
Working Poc 95%
Target:
WSO2 API Manager (2.2.0-4.0.0), WSO2 Identity Server (5.2.0-5.11.0), WSO2 Identity Server Analytics (5.4.0-5.6.0), WSO2 Identity Server as Key Manager (5.3.0-5.10.0), WSO2 Enterprise Integrator (6.2.0-6.6.0)
No auth needed
Prerequisites:
Network access to the target WSO2 instance · File upload endpoint accessible at /fileupload/toolsAny
nomisec
WORKING POC
1 star
by hxlxmj · poc
https://github.com/hxlxmj/Mass-exploit-CVE-2022-29464
This repository contains a mass exploit tool for CVE-2022-29464, a pre-auth RCE vulnerability in WSO2 Carbon Server. It includes a Python exploit script and a bash script for automated scanning and exploitation using Shodan and Zoomeye APIs.
Classification
Working Poc 95%
Target:
WSO2 Carbon Server
No auth needed
Prerequisites:
Python3 · Shodan API key · Zoomeye API key
nomisec
WORKING POC
by amit-pathak009 · poc
https://github.com/amit-pathak009/CVE-2022-29464
This repository contains a working exploit for CVE-2022-29464, an unauthenticated arbitrary file upload vulnerability in WSO2 servers leading to RCE. The exploit leverages the unprotected `/fileupload` endpoint to upload malicious JSP files.
Classification
Working Poc 95%
Target:
WSO2 Carbon-based products (versions affected by CVE-2022-29464)
No auth needed
Prerequisites:
Network access to the target WSO2 server · The `/fileupload` endpoint must be exposed and unprotected
nomisec
WORKING POC
by devengpk · remote
https://github.com/devengpk/CVE-2022-29464
This repository contains a working exploit for CVE-2022-29464, an unauthenticated arbitrary file upload vulnerability in WSO2 products. The exploit leverages the unprotected `/fileupload` endpoint to upload malicious JSP files, leading to Remote Code Execution (RCE).
Classification
Working Poc 95%
Target:
WSO2 products (specific versions not listed in the provided files)
No auth needed
Prerequisites:
Network access to the target WSO2 server · The `/fileupload` endpoint must be exposed and unprotected
gitlab
WORKING POC
by fsec-vaul · remote
https://gitlab.com/fsec-vaul/cve-2022-29464-massexploit
This repository contains a functional exploit for CVE-2022-29464, which allows unauthenticated arbitrary file upload in WSO2 servers. The exploit uploads a JSP webshell to vulnerable targets and verifies successful deployment.
Classification
Working Poc 95%
Target:
WSO2 Management Console
No auth needed
Prerequisites:
List of target IPs/hosts in the specified format
nomisec
WORKING POC
by SynixCyberCrimeMy · remote
https://github.com/SynixCyberCrimeMy/CVE-2022-29464
This PoC exploits CVE-2022-29464, a file upload vulnerability in WSO2 Carbon Server, allowing an attacker to upload a malicious JSP file to achieve remote code execution. The script supports both single and mass scanning with configurable threads.
Classification
Working Poc 90%
Target:
WSO2 Carbon Server
No auth needed
Prerequisites:
Network access to the target server · Target server running vulnerable WSO2 Carbon Server
nomisec
WORKING POC
by cc3305 · remote
https://github.com/cc3305/CVE-2022-29464
This is a functional exploit for CVE-2022-29464, an unauthenticated arbitrary file upload vulnerability in WSO2 products leading to RCE. It uploads a malicious JSP file to execute arbitrary commands on the target system.
Classification
Working Poc 95%
Target:
WSO2 API Manager, Identity Server, and related products (versions 2.2.0-4.0.0, 5.2.0-5.11.0, etc.)
No auth needed
Prerequisites:
Network access to the target WSO2 instance · File upload endpoint accessible
nomisec
WORKING POC
by c1ph3rbyt3 · remote
https://github.com/c1ph3rbyt3/CVE-2022-29464
This is a functional exploit for CVE-2022-29464, a path traversal vulnerability in WSO2 products allowing arbitrary file upload. The script uploads a JSP webshell to achieve remote code execution (RCE).
Classification
Working Poc 95%
Target:
WSO2 products (e.g., API Manager, Identity Server)
No auth needed
Prerequisites:
Network access to vulnerable WSO2 instance · Python 3.8+ with requests library
nomisec
WORKING POC
by h3x0v3rl0rd · poc
https://github.com/h3x0v3rl0rd/CVE-2022-29464
This exploit leverages a path traversal vulnerability in WSO2 to upload a malicious JSP file, achieving remote code execution. The JSP shell allows arbitrary command execution via a web form.
Classification
Working Poc 95%
Target:
WSO2 (specific version not specified in PoC)
No auth needed
Prerequisites:
Network access to the target WSO2 instance · File upload endpoint accessible
nomisec
WORKING POC
by lowkey0808 · poc
https://github.com/lowkey0808/cve-2022-29464
This PoC exploits CVE-2022-29464, a file upload vulnerability in WSO2 products, allowing arbitrary JSP file uploads leading to remote code execution (RCE). The script uploads a malicious JSP shell and provides interactive command execution.
Classification
Working Poc 95%
Target:
WSO2 products (e.g., API Manager, Identity Server)
No auth needed
Prerequisites:
Network access to the target WSO2 instance · Vulnerable endpoint exposed
vulncheck_xdb
WORKING POC
remote
https://github.com/SystemVll/CVE-2022-29464-loader
This repository contains a functional exploit for CVE-2022-29464, which targets a file upload vulnerability in WSO2 products. The exploit uploads a malicious JSP file to achieve remote code execution (RCE) on vulnerable servers.
Classification
Working Poc 95%
Target:
WSO2 products (specific versions not listed)
No auth needed
Prerequisites:
List of vulnerable WSO2 server URLs · Network access to the target servers
metasploit
WORKING POC
EXCELLENT
by Orange Tsai, hakivvi, wvu · ruby · poc · java
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/multi/http/wso2_file_upload_rce.rb
This Metasploit module exploits CVE-2022-29464, an arbitrary file upload vulnerability in WSO2 products, leading to remote code execution via a malicious WAR file deployment.
Classification
Working Poc 100%
Target:
WSO2 API Manager 2.2.0-4.0.0, WSO2 Identity Server 5.2.0-5.11.0, and other affected WSO2 products
No auth needed
Prerequisites:
Network access to the target WSO2 instance · WSO2 file upload endpoint accessible
vulncheck_xdb
WORKING POC
remote
https://github.com/000pp/WSOB
This repository contains a functional Python exploit for CVE-2022-29464, which targets a file upload vulnerability in WSO2 products. The exploit uploads a JSP webshell to a traversed directory path, enabling remote code execution.
Classification
Working Poc 95%
Target:
WSO2 API Manager, Identity Server, Enterprise Integrator
No auth needed
Prerequisites:
Target URL with vulnerable WSO2 endpoint