nmap-CVE-2022-29464

nmap-CVE-2022-29464 is an NSE script for detecting CVE-2022-29464 vulnerability. Unauthorized and unrestricted arbitrary file transfer vulnerability that allows unauthenticated attackers to obtain RCEs on WSO2 servers by sending malicious JSP files.

Vulnerability

See good writeup and PoC here.

Usage

┌──(kali㉿kali)-[~/nmap-CVE-2022-29464]
└─$ nmap 127.0.0.1 --script=./nmap-CVE-2022-29464.nse
(...)
PORT   STATE SERVICE
80/tcp open  http
| nmap-CVE-2022-29464:
|   VULNERABLE:
|   CVE-2022-29464
|     State: LIKELY VULNERABLE
|     IDs:  CVE:CVE-2022-29464
|     Check results:
|       127.0.0.1:8080/authenticationendpoint/shell.jsp
|     References:
|_      https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29464

Arguments

We can use several variables in the script. These are as follows:

path - relative url. On https://bugspace.pl/fileupload/toolsAny it will be /fileupload/toolsAny. The default path is /fileupload/toolsAny,
filename - file name on the server. The default name is shell.jsp.

Tests

Soon

License

Same as Nmap. See https://nmap.org/book/man-legal.html

Name		Name	Last commit message	Last commit date
Latest commit History 4 Commits
README.md		README.md
nmap-CVE-2022-29464.nse		nmap-CVE-2022-29464.nse

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

README.md

README.md

nmap-CVE-2022-29464.nse

nmap-CVE-2022-29464.nse

Repository files navigation

nmap-CVE-2022-29464

Vulnerability

Usage

Arguments

Tests

License

About

Releases

Packages

Languages

gpiechnik2/nmap-CVE-2022-29464

Folders and files

Latest commit

History

README.md

README.md

nmap-CVE-2022-29464.nse

nmap-CVE-2022-29464.nse

Repository files navigation

nmap-CVE-2022-29464

Vulnerability

Usage

Arguments

Tests

License

About

Topics

Resources

Stars

Watchers

Forks

Releases

Packages 0

Languages

Packages