CVE-2022-29464

This repository contains a working exploit for CVE-2022-29464, an unauthenticated arbitrary file upload vulnerability in WSO2 servers leading to RCE via malicious JSP file uploads. The exploit leverages the unprotected `/fileupload` endpoint and detailed analysis of the vulnerability is provided.

This repository contains a Python-based exploit for CVE-2022-29464, which targets a file upload vulnerability in WSO2 products. The exploit uploads a JSP webshell to achieve remote code execution via directory traversal.

This PoC exploits CVE-2022-29464, a file upload vulnerability in WSO2 products, to deploy a JSP webshell for remote command execution. It automates the attack by reading a list of vulnerable hosts and executing a specified command.

This repository contains a Python-based exploit for CVE-2022-29464, a critical file upload vulnerability in WSO2 Identity Server. The exploit bypasses file extension validation to upload a malicious JSP file, enabling remote code execution with administrative privileges.

This is a functional exploit for CVE-2022-29464, which achieves remote code execution by uploading a malicious JSP file to vulnerable WSO2 products via an arbitrary file upload vulnerability. The exploit then interacts with the uploaded JSP to execute system commands.

This exploit targets CVE-2022-29464, a remote code execution vulnerability in WSO2 products. It uploads a malicious JSP file to a vulnerable endpoint and executes commands via a webshell.

This PoC exploits CVE-2022-29464, a file upload vulnerability in WSO2 products, to achieve remote code execution by uploading a malicious JSP webshell. The script supports both single-target and batch exploitation with multithreading.

This PoC exploits CVE-2022-29464, a path traversal vulnerability in WSO2 products, to upload a malicious JSP file for remote code execution. The scripts `deface.py` and `shell.py` demonstrate file upload to a vulnerable endpoint, with `shell.py` containing a JSP-based command execution payload.

This repository contains a Python-based exploit for CVE-2022-29464, which leverages an unrestricted file upload vulnerability in WSO2 products to achieve remote code execution. The exploit uploads a JSP shell to a traversed directory under the web root, allowing command execution with superuser privileges.

This exploit leverages an arbitrary file upload vulnerability in WSO2 to deploy a JSP shell, enabling remote command execution. The PoC uploads a malicious JSP file to a predictable path and provides a web interface for command execution.

This repository contains a functional exploit for CVE-2022-29464, a pre-authentication RCE vulnerability in WSO2 Carbon Server. The exploit uploads malicious JSP files to achieve remote code execution via a webshell and reverse shell.

This repository contains an NSE script for detecting CVE-2022-29464, an unauthorized arbitrary file transfer vulnerability in WSO2 servers. The script checks for the presence of a malicious JSP file upload endpoint.

This PoC exploits CVE-2022-29464, a path traversal vulnerability in WSO2 products, to upload a JSP webshell. The exploit checks for vulnerability by attempting to upload a file and then deploys a malicious JSP shell if successful.

This exploit PoC for CVE-2022-29464 targets WSO2 Carbon Server by uploading a malicious JSP file to achieve remote code execution. The script sends a POST request to a vulnerable endpoint to deploy the webshell.

This repository contains a working PoC for CVE-2022-29464, an unauthenticated arbitrary file upload vulnerability in WSO2 servers. The exploit leverages the `/fileupload` endpoint to upload malicious JSP files, leading to remote code execution.

This repository contains a functional exploit for CVE-2022-29464, which allows arbitrary file upload and remote code execution in vulnerable WSO2 products. The exploit uploads a JSP shell to the target server and provides a web interface for command execution.

This repository contains a Python-based exploit for CVE-2022-29464, an unauthenticated arbitrary file upload vulnerability in WSO2 servers leading to RCE. The PoC includes single and mass scanning capabilities with threading support.

This repository contains a mass exploit tool for CVE-2022-29464, a pre-auth RCE vulnerability in WSO2 Carbon Server. It includes a Python exploit script and a bash script for automated scanning and exploitation using Shodan and Zoomeye APIs.

This is a working exploit for CVE-2022-29464, a pre-auth RCE vulnerability in WSO2 Carbon Server. It uploads a JSP webshell to a vulnerable endpoint and provides a URL to access it.

This PoC exploits CVE-2022-29464, an arbitrary file upload vulnerability in WSO2 products, allowing attackers to upload a JSP webshell for remote code execution. The script includes functionality to check for vulnerability, upload a custom webshell, or upload arbitrary files.

This repository contains a Python-based proof-of-concept exploit for CVE-2022-29464, which targets a file upload vulnerability in WSO2 products. The exploit uploads a malicious JSP file to achieve remote code execution (RCE) by leveraging a path traversal technique.

This exploit targets CVE-2022-29464, a path traversal vulnerability in WSO2 products, to upload a malicious JSP file for remote code execution. It automates the attack against multiple targets listed in an input file.

This repository contains a functional exploit for CVE-2022-29464, which allows unauthenticated arbitrary file upload in WSO2 servers. The exploit uploads a JSP webshell to vulnerable targets and verifies successful deployment.

This is a functional exploit for CVE-2022-29464, a path traversal vulnerability in WSO2 products allowing arbitrary file upload. The script uploads a JSP webshell to achieve remote code execution (RCE).

This is a functional exploit for CVE-2022-29464, an unauthenticated arbitrary file upload vulnerability in WSO2 products leading to RCE. It uploads a malicious JSP file to execute arbitrary commands on the target system.

This PoC exploits CVE-2022-29464, a file upload vulnerability in WSO2 Carbon Server, allowing an attacker to upload a malicious JSP file to achieve remote code execution. The script supports both single and mass scanning with configurable threads.

This repository contains a working exploit for CVE-2022-29464, an unauthenticated arbitrary file upload vulnerability in WSO2 products. The exploit leverages the unprotected `/fileupload` endpoint to upload malicious JSP files, leading to Remote Code Execution (RCE).

This repository contains a working exploit for CVE-2022-29464, an unauthenticated arbitrary file upload vulnerability in WSO2 servers leading to RCE. The exploit leverages the unprotected `/fileupload` endpoint to upload malicious JSP files.

This PoC exploits CVE-2022-29464, a file upload vulnerability in WSO2 products, allowing arbitrary JSP file uploads leading to remote code execution (RCE). The script uploads a malicious JSP shell and provides interactive command execution.

This exploit leverages a path traversal vulnerability in WSO2 to upload a malicious JSP file, achieving remote code execution. The JSP shell allows arbitrary command execution via a web form.

This repository contains a functional exploit for CVE-2022-29464, which targets a file upload vulnerability in WSO2 products. The exploit uploads a malicious JSP file to achieve remote code execution (RCE) on vulnerable servers.

This repository contains a functional Python exploit for CVE-2022-29464, which targets a file upload vulnerability in WSO2 products. The exploit uploads a JSP webshell to a traversed directory path, enabling remote code execution.

This Metasploit module exploits CVE-2022-29464, an arbitrary file upload vulnerability in WSO2 products, leading to remote code execution via a malicious WAR file deployment.