Certain WSO2 products allow unrestricted file upload with resultant remote code execution. The attacker must use a /fileupload endpoint with a Content-Disposition directory traversal sequence to reach a directory under the web root, such as a ../../../../repository/deployment/server/webapps directory. This affects WSO2 API Manager 2.2.0 up to 4.0.0, WSO2 Identity Server 5.2.0 up to 5.11.0, WSO2 Identity Server Analytics 5.4.0, 5.4.1, 5.5.0 and 5.6.0, WSO2 Identity Server as Key Manager 5.3.0 up to 5.11.0, WSO2 Enterprise Integrator 6.2.0 up to 6.6.0, WSO2 Open Banking AM 1.4.0 up to 2.0.0 and WSO2 Open Banking KM 1.4.0, up to 2.0.0.
Capability ID | Capability Description | Mapping Type | ATT&CK ID | ATT&CK Name | Notes |
---|---|---|---|---|---|
CVE-2022-29464 | WSO2 Multiple Products Unrestrictive Upload of File Vulnerability | secondary_impact | T1496 | Resource Hijacking |
Comments
CVE-2022-29464 is an unrestricted file upload vulnerability where an adversary can upload arbitrary files and, due to a directory traversal issue, write files to locations where they can then send commands. Adversaries have been seen to use this to mine cryptocurrency.
References
|
CVE-2022-29464 | WSO2 Multiple Products Unrestrictive Upload of File Vulnerability | primary_impact | T1202 | Indirect Command Execution |
Comments
CVE-2022-29464 is an unrestricted file upload vulnerability where an adversary can upload arbitrary files and, due to a directory traversal issue, write files to locations where they can then send commands. Adversaries have been seen to use this to mine cryptocurrency.
References
|
CVE-2022-29464 | WSO2 Multiple Products Unrestrictive Upload of File Vulnerability | exploitation_technique | T1190 | Exploit Public-Facing Application |
Comments
CVE-2022-29464 is an unrestricted file upload vulnerability where an adversary can upload arbitrary files and, due to a directory traversal issue, write files to locations where they can then send commands. Adversaries have been seen to use this to mine cryptocurrency.
References
|