CVE-2022-46364
Severity: CRITICAL
Apache CXF < 3.4.10 - Server-Side Request Forgery via MTOM XOP:Include href Attribute
Title source: llm
Exploitation Summary
EIP tracks 6 public exploits for CVE-2022-46364. PoCs published by cybermaksx, jwsly12, 0xmid00.
AI-analyzed exploit summary
This repository contains a functional exploit for CVE-2022-46364, leveraging Apache CXF's MTOM XOP:Include SSRF vulnerability to achieve LFI and internal network scanning. The exploit constructs malicious SOAP messages with crafted URIs to read local files or make internal network requests.
Description
An SSRF vulnerability in parsing the href attribute of XOP:Include in MTOM requests in versions of Apache CXF before 3.5.5 and 3.4.10 allows an attacker to perform SSRF-style attacks on web services that take at least one parameter of any type.
Exploits (6)
This repository contains a functional exploit for CVE-2022-46364, leveraging Apache CXF's MTOM XOP:Include SSRF vulnerability to achieve LFI and internal network scanning. The exploit constructs malicious SOAP messages with crafted URIs to read local files or make internal network requests.
This repository contains a functional Python exploit for CVE-2022-46364, targeting Apache CXF 3.2.14 via MTOM/XOP processing to achieve LFI and SSRF. The exploit constructs a malicious SOAP request with an `<xop:Include>` element to fetch local files or internal resources, demonstrating the vulnerability effectively.
This repository contains a functional exploit for CVE-2022-46364, which leverages XOP:Include in MTOM requests to perform SSRF and LFI attacks on Apache CXF versions < 3.5.5 and < 3.4.10. The exploit automates the injection of malicious XOP:Include elements into SOAP requests and handles MTOM formatting.
This repository contains a functional exploit script for CVE-2022-46364, an LFI vulnerability in Apache CXF due to improper handling of XOP Include elements in SOAP requests. The provided bash script crafts a malicious SOAP request to read arbitrary files from the server.
This repository contains a functional Python exploit for CVE-2022-46364, which leverages an SSRF vulnerability in Apache CXF's MTOM implementation to achieve LFI and internal network scanning. The exploit constructs malicious SOAP messages with crafted xop:Include elements to read local files or make internal network requests.
This repository contains a functional Python exploit for CVE-2022-46364, an SSRF vulnerability in Apache CXF via MTOM XOP:Include. The exploit constructs malicious SOAP requests to trigger SSRF and exfiltrate internal resources.
References (1)
Scores
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H