CVE-2022-35411

CRITICAL

Rpc.py < 0.6.0 - Insufficiently Protected Credentials

Title source: rule

Description

rpc.py through 0.6.0 allows Remote Code Execution because an unpickle occurs when the "serializer: pickle" HTTP header is sent. In other words, although JSON (not Pickle) is the default data format, an unauthenticated client can cause the data to be processed with unpickle.

Exploits (5)

exploitdb WORKING POC
by Elias Hohl · python · remote · python
https://www.exploit-db.com/exploits/50983

nomisec WORKING POC 2 stars
by CSpanias · poc
https://github.com/CSpanias/rpc-rce.py

nomisec WORKING POC 1 star
by fuzzlove · poc
https://github.com/fuzzlove/CVE-2022-35411

github NO CODE
by Boon-Rekcah · python · poc
https://github.com/Boon-Rekcah/CVE-Exploits/tree/main/Python Libraries CVE/CVE-2022-35411 ( rpc.py )

nomisec WORKING POC
by Neo-okami · poc
https://github.com/Neo-okami/CVE-2022-35411

Scores

CVSS v3 9.8
EPSS 0.7133
EPSS Percentile 98.7%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE CWE-522
Status published
Products (2)
pypi/rpc.py 0.4.2 PyPI
rpc.py_project/rpc.py 0.4.2 - 0.6.0
Published Jul 08, 2022
Tracked Since Feb 18, 2026