CVE-2022-45047

CRITICAL

Apache MINA SSHD <= 2.9.1 - Deserialization of Untrusted Data in SimpleGeneratorHostKeyProvider

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2022-45047. PoCs published by hktalent.

AI-analyzed exploit summary This PoC exploits CVE-2022-45047, a deserialization vulnerability in Oracle WebLogic Server, by sending a malicious SOAP request with a crafted XML payload to achieve arbitrary file write. The exploit targets the AsyncResponseService endpoint and checks for a successful response (HTTP 202).

Description

Class org.apache.sshd.server.keyprovider.SimpleGeneratorHostKeyProvider in Apache MINA SSHD <= 2.9.1 uses Java deserialization to load a serialized java.security.PrivateKey. The class is one of several implementations that an implementor using Apache MINA SSHD can choose for loading the host keys of an SSH server.

Exploits (1)

nomisec WORKING POC 2 stars

by hktalent · poc

https://github.com/hktalent/CVE-2022-45047

View Code ZIP pw:eip

This PoC exploits CVE-2022-45047, a deserialization vulnerability in Oracle WebLogic Server, by sending a malicious SOAP request with a crafted XML payload to achieve arbitrary file write. The exploit targets the AsyncResponseService endpoint and checks for a successful response (HTTP 202).

Classification

Working Poc 90%

Attack Type

Deserialization

Complexity

Moderate

Reliability

Reliable

Target: Oracle WebLogic Server

No auth needed

Prerequisites: Network access to the WebLogic Server · WebLogic Server with vulnerable endpoint exposed

MITRE ATT&CK

T1189 - Drive-by Compromise T1190 - Exploit Public-Facing Application

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (2)

Core 2

Core References

Mailing List

https://www.mail-archive.com/dev%40mina.apache.org/msg39312.html

Vendor Advisory

https://security.netapp.com/advisory/ntap-20240216-0008/

Scores

CVSS v3 9.8

EPSS 0.0357

EPSS Percentile 87.9%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation poc

Automatable yes

Technical Impact total

Details

CWE

CWE-502

Status published

Products (4)

apache/sshd < 2.9.1

Apache Software Foundation/Apache MINA SSHD unspecified - 2.9.1

org.apache.sshd/sshd-common 0 - 2.9.2Maven

org.apache.sshd/sshd-core 0 - 2.9.2Maven

Published Nov 16, 2022

Tracked Since Feb 18, 2026