cve/CVE-2022-47986.md at main

admin/cve

Fork 0

mirror of https://github.com/0xMarcio/cve.git synced 2025-05-06 02:31:38 +00:00

0xMarcio c24be57ea5 Update CVE sources 2024-08-31 19:52

2024-08-31 19:52:39 +00:00

1.6 KiB

Raw Permalink Blame History

CVE-2022-47986

Description

IBM Aspera Faspex 4.4.2 Patch Level 1 and earlier could allow a remote attacker to execute arbitrary code on the system, caused by a YAML deserialization flaw. By sending a specially crafted obsolete API call, an attacker could exploit this vulnerability to execute arbitrary code on the system. The obsolete API call was removed in Faspex 4.4.2 PL2. IBM X-Force ID: 243512.

POC

Reference

http://packetstormsecurity.com/files/171772/IBM-Aspera-Faspex-4.4.1-YAML-Deserialization.html

Github

https://github.com/ARPSyndicate/cvemon
https://github.com/ARPSyndicate/kenzer-templates
https://github.com/LubyRuffy/gofofa
https://github.com/Ostorlab/KEV
https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors
https://github.com/dhina016/CVE-2022-47986
https://github.com/k0mi-tg/CVE-POC
https://github.com/manas3c/CVE-POC
https://github.com/mauricelambert/CVE-2022-47986
https://github.com/nomi-sec/PoC-in-GitHub
https://github.com/ohnonoyesyes/CVE-2022-47986
https://github.com/ramimac/aws-customer-security-incidents
https://github.com/whoforget/CVE-POC
https://github.com/youwizard/CVE-POC

1.6 KiB Raw Permalink Blame History

CVE-2022-47986

Description

POC

Reference

Github

1.6 KiB

Raw Permalink Blame History