Exploit for #VU62638 Arbitrary file upload in WSO2 Inc. products

Vulnerability identifier: #VU62638

Vulnerability risk: Critical

CVSSv4.0: 9.3 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:A/U:Red]

CVE-ID: CVE-2022-29464

CWE-ID: CWE-434

Exploitation vector: Network

Exploits in database: 31

• June 21, 2024
  • CVE-2022-29464 (CVE-2022-29464 exploit script) [Github]
• April 26, 2023
  • CVE-2022-29464 (Perform With Mass Exploits In WSO Management.) [Github]
• January 11, 2023
  • CVE-2022-29464-mass () [Github]
• November 15, 2022
  • CVE-2022-29464 (RCE exploit for WSO2) [Github]
• September 22, 2022
  • CVE-2022-29464 (WSO2 Arbitrary File Upload to Remote Command Execution (RCE)) [Github]
• August 1, 2022
  • -CVE-2022-29464 () [Github]
• July 5, 2022
  • WSO2RCE (CVE-2022-29464 Exploit) [Github]
• June 23, 2022
  • Mass-exploit-CVE-2022-29464 (Mass Exploit for CVE 2022-29464 on Carbon) [Github]
• June 6, 2022
  • Better-CVE-2022-29464 (CVE-2022-29464 PoC for WSO2 products) [Github]
• May 27, 2022
  • CVE-2022-29464-mass () [Github]
• May 26, 2022
  • CVE-2022-29464 (Python script to exploit CVE-2022-29464 (mass mode)) [Github]
• May 23, 2022
  • CVE-2022-29464 () [Github]
• May 16, 2022
  • CVE-2022-29464-loader (A bots loader for CVE-2022-29464 with multithreading) [Github]
• May 12, 2022
  • WSO2 Arbitrary File Upload to RCE [Metasploit]
• May 8, 2022
  • CVE-2022-29464 (cve-2022-29464 EXP) [Github]
• May 5, 2022
  • CVE-2022-29464 (1) [Github]
• May 4, 2022
  • WSO Arbitrary File Upload / Remote Code Execution [Packet Storm]
• May 1, 2022
  • CVE-2022-29464 (CVE-2022-29464 POC exploit) [Github]
  • CVE-2022-29464 (CVE-2022-29464) [Github]
• April 27, 2022
  • WSO2--CVE-2022-29464 (Pre-auth RCE bug CVE-2022-29464) [Github]
  • wso2-rce-cve-2022-29464 () [Github]
  • CVE-2022-29464 () [Github]
  • cve-2022-29464 (cve-2022-29464 批量脚本) [Github]
  • CVE-2022-29464 (WSO2 RCE (CVE-2022-29464) exploit and writeup.) [Github]
  • WSOB (? WSOB is a python tool created to exploit the new vulnerability on WSO2 assigned as CVE-2022-29464.) [Github]
  • cve-2022-29464 () [Github]
  • WSO2-CVE-2022-29464 (Pre-auth RCE bug CVE-2022-29464) [Github]
  • cve-2022-29464 (cve-2022-29464 批量脚本) [Github]
  • nmap-CVE-2022-29464 ( Repository containing nse script for vulnerability CVE-2022-29464 known as WSO2 RCE.) [Github]
  • CVE-2022-29464 (WSO2 RCE (CVE-2022-29464) ) [Github]
  • CVE-2022-29464 () [Github]

Vulnerable software:
WSO2 API Manager
Web applications / Other software
WSO2 Identity Server Analytics
Web applications / Other software
WSO2 Identity Server
Server applications / Directory software, identity management
WSO2 Identity Server as Key Manager
Server applications / Other server solutions
WSO2 Enterprise Integrator
Server applications / Other server solutions
Open Banking AM
Server applications / Other server solutions
Open Banking KM
Server applications / Other server solutions

Vendor: WSO2 Inc.