CVE-2022-35649

CRITICAL

Moodle - RCE

Title source: llm

Description

A vulnerability in Moodle arises from improper input validation when parsing PostScript code. An omitted execution parameter results in a remote code execution risk for sites running GhostScript versions older than 9.50. Successful exploitation of this vulnerability may result in complete compromise of the vulnerable system.

Exploits (1)

nomisec WORKING POC
by antoinenguyen-09 · poc
https://github.com/antoinenguyen-09/CVE-2022-35649

Scores

CVSS v3 9.8
EPSS 0.0753
EPSS Percentile 91.8%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-20 CWE-94
Status published
Products (4)
fedoraproject/fedora 35
fedoraproject/fedora 36
moodle/moodle 3.9 - 3.9.15 (Packagist)
moodle/moodle 3.9.0 - 3.9.15
Published Jul 25, 2022
Tracked Since Feb 18, 2026