
Apache Commons - Remote Code Execution (CVE-2022-42889)

Severity
CVSSv3 Score
9.8
Exploitable with Sniper
Yes
Vulnerability description

Apache Commons Text versions 1.5 through 1.9 are affected by a Remote Code Execution vulnerability (commonly called "Text4Shell"). The root cause is the StringSubstitutor interpolator object: its default set of lookups includes the script, dns and url lookups, so any value it interpolates may execute a script, trigger a DNS resolution or fetch a URL. If a remote unauthenticated attacker can pass a string such as "${script:javascript:...}" to an interpolating StringSubstitutor through an exposed endpoint (for example, user input that ends up in a template), arbitrary code runs inside the application's JVM. Note that the library itself exposes no network service; exploitability depends on the application feeding untrusted input to the interpolator, and the script lookup needs a JSR-223 script engine on the classpath (such as Nashorn, bundled with JDK 8 to 14).
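The following is an added example, not code from Pentest-Tools.com or from the Apache Commons Text project, showing the vulnerable pattern beside a hardened one. It assumes the org.apache.commons:commons-text dependency is on the classpath; the class name, method names and the sample templates are constructed for illustration. On Commons Text 1.5 to 1.9 the first method resolves the dns and script lookups; on 1.10.0 and later those lookups are no longer registered by default and the strings are left unchanged.

```java
import java.util.HashMap;
import java.util.Map;

import org.apache.commons.text.StringSubstitutor;
import org.apache.commons.text.lookup.StringLookup;
import org.apache.commons.text.lookup.StringLookupFactory;

public class Text4ShellDemo {

    // VULNERABLE on Commons Text 1.5 - 1.9: createInterpolator() registers the
    // script, dns and url lookups, so attacker-controlled template text such as
    // "${script:javascript:java.lang.Runtime.getRuntime().exec('id')}" is executed.
    static String renderVulnerable(String untrustedTemplate) {
        StringSubstitutor interpolator = StringSubstitutor.createInterpolator();
        return interpolator.replace(untrustedTemplate);
    }

    // HARDENED: no prefixed lookups at all. Variables are resolved only from an
    // application-controlled map, so "${script:...}", "${dns:...}" and "${url:...}"
    // are left unresolved instead of being evaluated.
    static String renderHardened(String untrustedTemplate, Map<String, String> values) {
        StringSubstitutor substitutor = new StringSubstitutor(values);
        return substitutor.replace(untrustedTemplate);
    }

    // HARDENED variant for code that genuinely needs some prefixed lookups: build
    // the interpolator from an explicit allow-list and pass addDefaultLookups=false,
    // so the dangerous defaults are never registered. (Only add lookups whose output
    // is safe to expose to whoever controls the template.)
    static String renderAllowListed(String untrustedTemplate, Map<String, String> values) {
        Map<String, StringLookup> allowed = new HashMap<>();
        allowed.put("date", StringLookupFactory.INSTANCE.dateStringLookup());
        StringLookup restricted = StringLookupFactory.INSTANCE.interpolatorStringLookup(
                allowed,
                StringLookupFactory.INSTANCE.mapStringLookup(values), // fallback for unprefixed keys
                false);                                               // do NOT add script/dns/url/etc.
        return new StringSubstitutor(restricted).replace(untrustedTemplate);
    }

    public static void main(String[] args) {
        // Constructed sample inputs: a benign template, a harmless DNS probe and a
        // harmless script expression (a real attack would call Runtime.exec instead).
        Map<String, String> values = new HashMap<>();
        values.put("user", "alice");
        String benign   = "Hello ${user}";
        String dnsProbe = "${dns:address|localhost}";
        String scripted = "${script:javascript:1+1}";

        // On 1.5 - 1.9: dnsProbe resolves to 127.0.0.1 and scripted evaluates to 2
        // (or throws if no JavaScript engine is present). On 1.10.0+: both unchanged.
        System.out.println("vulnerable: " + renderVulnerable(dnsProbe));
        System.out.println("vulnerable: " + renderVulnerable(scripted));

        // Hardened forms never execute lookups, whatever the library version.
        System.out.println("hardened  : " + renderHardened(benign, values));     // Hello alice
        System.out.println("hardened  : " + renderHardened(scripted, values));   // ${script:javascript:1+1}
        System.out.println("allow-list: " + renderAllowListed(scripted, values)); // ${script:javascript:1+1}
    }
}
```

When reviewing code for this issue, grep for StringSubstitutor.createInterpolator() and StringLookupFactory.INSTANCE.interpolatorStringLookup() and check whether any string reaching them can be influenced by a request; the dns lookup is a convenient low-risk probe because a resolution of an attacker-owned name confirms interpolation without running code.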

Exploit capabilities

Sniper can gain unauthenticated Remote Code Execution on the target system and extract multiple artefacts as evidence.

Risk description

The risk exists that a remote unauthenticated attacker can fully compromise the target in order to steal confidential information, install ransomware or pivot to the internal network.

Recommendation

Upgrade Apache Commons Text to version 1.10.0 or later, where the script, dns and url lookups are no longer enabled by default. If upgrading is not immediately possible, do not pass untrusted input to StringSubstitutor.createInterpolator() or to a substitutor built from StringLookupFactory.interpolatorStringLookup() with the default lookups; construct the interpolator with an explicit allow-list of lookups instead.

Detectable with
Network Scanner
Vuln date
Oct 2022
Published at
Updated at
Software Type
Library
Vendor
Apache
Product
Commons
Codename
Not available