CVE-2022-36537

HIGH KEV RANSOMWARE NUCLEI

ZK Framework <9.6.1 - Info Disclosure

Title source: llm

Description

ZK Framework v9.6.1, 9.6.0.1, 9.5.1.3, 9.0.1.2 and 8.6.4.1 allows attackers to access sensitive information via a crafted POST request sent to the component AuUploader.

Exploits (3)

nomisec WORKING POC 36 stars

by Malwareman007 · remote

https://github.com/Malwareman007/CVE-2022-36537

View Code ZIP pw:eip

nomisec WORKING POC 10 stars

by agnihackers · remote

https://github.com/agnihackers/CVE-2022-36537-EXPLOIT

View Code ZIP pw:eip

nomisec WORKING POC

by ethan-repo-lab4b6 · remote

https://github.com/ethan-repo-lab4b6/CVE-2022-36537

View Code ZIP pw:eip

Nuclei Templates (1)

ZK Framework - Information Disclosure

HIGHVERIFIEDby theamanrawat

Shodan: http.title:"Server backup manager" || http.title:"server backup manager"

FOFA: title="server backup manager"

References (3)

[Issue Tracking, Patch, Vendor Advisory] https://tracker.zkoss.org/browse/ZK-5150

[Third Party Advisory] https://www.bleepingcomputer.com/news/security/cisa-warns-of-hackers-exploiting-zk-java-framework-rce-flaw/

[US Government Resource] https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2022-36537

Scores

CVSS v3 7.5

EPSS 0.9394

EPSS Percentile 99.9%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Details

CISA KEV 2023-02-27

VulnCheck KEV 2023-02-14

InTheWild.io 2023-02-27

ENISA EUVD EUVD-2022-6491

Ransomware Use Confirmed

Status published

Products (2)

org.zkoss.zk/zk 0 - 8.6.4.2Maven

zkoss/zk_framework < 8.6.4.2

Published Aug 26, 2022

KEV Added Feb 27, 2023

Tracked Since Feb 18, 2026