CVE-2022-37298

CRITICAL

Shinken Monitoring 2.4.3 - Improper Authentication via SafeUnpickler

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2022-37298. PoCs published by dbyio.

AI-analyzed exploit summary The repository contains a functional Python exploit for CVE-2022-37298, which leverages unsafe deserialization in Shinken Monitoring's SafeUnpickler class to achieve remote code execution (RCE). The exploit crafts a malicious pickle payload, compresses it, and sends it to the target server via the '/put-conf' endpoint.

Description

Shinken Solutions Shinken Monitoring Version 2.4.3 affected is vulnerable to Incorrect Access Control. The SafeUnpickler class found in shinken/safepickle.py implements a weak authentication scheme when unserializing objects passed from monitoring nodes to the Shinken monitoring server.

Exploits (1)

nomisec WORKING POC 3 stars
by dbyio · poc
https://github.com/dbyio/cve-2022-37298

The repository contains a functional Python exploit for CVE-2022-37298, which leverages unsafe deserialization in Shinken Monitoring's SafeUnpickler class to achieve remote code execution (RCE). The exploit crafts a malicious pickle payload, compresses it, and sends it to the target server via the '/put-conf' endpoint.

Classification
Working Poc 95%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: Shinken Monitoring 2.4.3
No auth needed
Prerequisites: Network access to the Shinken server's '/put-conf' endpoint
devstral-2 · analyzed Feb 18, 2026 Full analysis →

References (2)

Core 2

Scores

CVSS v3 9.8
EPSS 0.1635
EPSS Percentile 95.0%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation none
Automatable yes
Technical Impact total

Details

CWE
CWE-287
Status published
Products (2)
pypi/Shinken 0PyPI
shinken-monitoring/shinken_monitoring 2.4.3
Published Oct 20, 2022
Tracked Since Feb 18, 2026