CVE-2022-47876

HIGH

Jedox GmbH Jedox <2020.2.5 - Command Injection

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2022-47876. PoCs published by Team Syslifters.

AI-analyzed exploit summary This exploit demonstrates Remote Code Execution (RCE) in Jedox Integrator by leveraging Groovy script execution. Authenticated users can create jobs with arbitrary Groovy code to execute system commands, as shown by the `whoami` example.

Description

The integrator in Jedox GmbH Jedox 2020.2.5 allows remote authenticated users to create Jobs to execute arbitrary code via Groovy-scripts.

Exploits (1)

exploitdb WORKING POC

by Team Syslifters · textwebappsphp

https://www.exploit-db.com/exploits/51427

View Code ZIP pw:eip

This exploit demonstrates Remote Code Execution (RCE) in Jedox Integrator by leveraging Groovy script execution. Authenticated users can create jobs with arbitrary Groovy code to execute system commands, as shown by the `whoami` example.

Classification

Working Poc 90%

Attack Type

Rce

Complexity

Trivial

Reliability

Reliable

Target: Jedox Integrator 2020.2 (20.2.5) and older

Auth required

Prerequisites: Authenticated access to Jedox Integrator · Permission to create Groovy jobs

MITRE ATT&CK

T1059.004 - Unix Shell T1203 - Exploitation for Client Execution

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (2)

Core 2

Core References

Exploit, Third Party Advisory, VDB Entry

http://packetstormsecurity.com/files/172155/Jedox-2020.2.5-Groovy-Scripts-Remote-Code-Execution.html

Exploit, Third Party Advisory

https://docs.syslifters.com/assets/vulnerability-disclosure/Vulnerability-Disclosure-Jedox-Jedox-04-2023.pdf

Scores

CVSS v3 8.8

EPSS 0.0705

EPSS Percentile 93.3%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation poc

Automatable no

Technical Impact total

Details

Status published

Products (1)

jedox/jedox 2020.2.5

Published May 02, 2023

Tracked Since Feb 18, 2026