CVE-2022-42889 : ORACLE UTILITIES FRAMEWORK 4.4.0.3.0/4.5.0.0.0 GENERAL REMOTE CODE EXECUTION

Description

Apache Commons Text performs variable interpolation, allowing properties to be dynamically evaluated and expanded. The standard format for interpolation is “${prefix:name}”, where “prefix” is used to locate an instance of org.apache.commons.text.lookup.StringLookup that performs the interpolation. Starting with version 1.5 and continuing through 1.9, the set of default Lookup instances included interpolators that could result in arbitrary code execution or contact with remote servers. These lookups are: – “script” – execute expressions using the JVM script execution engine (javax.script) – “dns” – resolve dns records – “url” – load values from urls, including from remote servers Applications using the interpolation defaults in the affected versions may be vulnerable to remote code execution or unintentional contact with remote servers if untrusted configuration values are used. Users are recommended to upgrade to Apache Commons Text 1.10.0, which disables the problematic interpolators by default.

References

https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2022-0022

https://security.netapp.com/advisory/ntap-20221020-0004/

https://security.gentoo.org/glsa/202301-05

https://lists.apache.org/thread/n2bd4vdsgkqh2tm14l1wyc3jyol7s1om

https://lists.apache.org/thread/n2bd4vdsgkqh2tm14l1wyc3jyol7s1om

http://www.openwall.com/lists/oss-security/2022/10/13/4

http://www.openwall.com/lists/oss-security/2022/10/18/1

For More Information

MITRE

Common Vulnerabilityies and Exposures

Contact us to get started

CVE-2023-0556 : CONTENTSTUDIO PLUGIN UP TO 1.2.5 ON WORDPRESS CSTU_GET_METADATA AUTHORIZATION

CVE-2023-0556 : CONTENTSTUDIO PLUGIN UP TO 1.2.5 ON WORDPRESS CSTU_GET_METADATA AUTHORIZATION

Description The ContentStudio plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on several functions

CVE-2022-48108 : D-LINK DIR-878 1.30B08 SUBNETMASK COMMAND INJECTION

CVE-2022-48108 : D-LINK DIR-878 1.30B08 SUBNETMASK COMMAND INJECTION

Description D-Link DIR_878_FW1.30B08 was discovered to contain a command injection vulnerability via the component /SetNetworkSettings/SubnetMask. This vulnerability allows attackers to

CVE-2022-47767 : SOLAR-LOG GATEWAY UP TO 4.2.7/5.1.1 SLCORE BACKDOOR

CVE-2022-47767 : SOLAR-LOG GATEWAY UP TO 4.2.7/5.1.1 SLCORE BACKDOOR

Description A backdoor in Solar-Log Gateway products allows remote access via web panel gaining super administration privileges to the attacker.