CVE-2022-50899

Severity: MEDIUM

GeoNetwork 3.10-4.2.0 - XML External Entity Injection via PDF Rendering

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2022-50899. PoCs published by Amel BOUZIANE-LEBLOND.

AI-analyzed exploit summary: This exploit demonstrates an XXE (XML External Entity) vulnerability in GeoNetwork 3.1.x through 4.2.0, allowing arbitrary file retrieval from the server during PDF rendering. The attack involves submitting a crafted JSON payload with a malicious baseURL pointing to an external XML file containing the XXE payload.

Description

GeoNetwork 3.10 through 4.2.0 contains an XML external entity (XXE) vulnerability in PDF rendering that allows attackers to retrieve arbitrary files from the server. The XML parser used for PDF creation is insecurely configured: a crafted XML document supplied through the baseURL parameter of a PDF creation request is parsed with external entity references enabled, so those references can be used to read system files.

Exploits (1)

exploit-db · working PoC
by Amel BOUZIANE-LEBLOND · text · webapps · multiple
https://www.exploit-db.com/exploits/50982

Classification
Working PoC: 95%
Attack type: Info leak
Complexity: Moderate
Reliability: Reliable
Target: GeoNetwork 3.1.x through 4.2.0
Authentication: none needed
Prerequisites: Network access to the target GeoNetwork instance · Ability to host malicious XML and DTD files on an attacker-controlled server
Analyzed by devstral-2 on Feb 18, 2026

References (3)

Core references (3)
Exploit, Third Party Advisory (exploit): https://www.exploit-db.com/exploits/50982
Various Sources (product): https://geonetwork-opensource.org/

Scores

CVSS v3: 6.5
EPSS: 0.0046
EPSS percentile: 36.5%
Attack vector: NETWORK
Vector string: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

CISA SSVC (Vulnrichment)

Exploitation: none
Automatable: yes
Technical impact: partial

Details

CWE: CWE-611
Status: published
Products (2):
GeoNetwork/GeoNetwork 3.10 - 4.2.0
osgeo/geonetwork 3.10.0 - 4.2.0
Published: Jan 13, 2026
Tracked since: Feb 18, 2026