Arbitrary file upload in WSO2 Inc. products - CVE-2022-29464
Published: April 27, 2022 / Updated: June 21, 2024
Vulnerability identifier: #VU62638
CSH Severity: Critical
CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:A/U:Red
CVE-ID: CVE-2022-29464
CWE-ID: CWE-434
Exploitation vector: Remote access
Exploit availability:
The vulnerability is being exploited in the wild
Vendor: WSO2 Inc.
Affected software:
WSO2 API Manager
WSO2 Identity Server Analytics
WSO2 Identity Server
WSO2 Identity Server as Key Manager
WSO2 Enterprise Integrator
Open Banking AM
Open Banking KM
WSO2 API Manager
WSO2 Identity Server Analytics
WSO2 Identity Server
WSO2 Identity Server as Key Manager
WSO2 Enterprise Integrator
Open Banking AM
Open Banking KM
Detailed vulnerability description
The vulnerability allows a remote attacker to compromise vulnerable system.
The vulnerability exists due to insufficient validation of files during file upload at the /fileupload endpoint. A remote non-authenticated attacker can upload a malicious file with a Content-Disposition directory traversal sequence to place it under the webroot directory and execute it on the server.
Successful exploitation of the vulnerability may allow an attacker to compromise the affected system.
How to mitigate CVE-2022-29464
Install updates from vendor's website.