CVSSv3: 9.8

CVE-2022-25845

Published: 10/06/2022 Updated: 23/02/2023
CVSS v2 Base Score: 6.8 | Impact Score: 6.4 | Exploitability Score: 8.6
CVSS v3 Base Score: 9.8 | Impact Score: 5.9 | Exploitability Score: 3.9
VMScore: 606
CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

Vulnerability Summary

Versions of the package com.alibaba:fastjson prior to 1.2.83 are vulnerable to Deserialization of Untrusted Data: under certain conditions the default autoType shutdown restrictions can be bypassed. Successful exploitation allows attacks against remote servers. Workaround: if upgrading is not possible, enable safeMode (github.com/alibaba/fastjson/wiki/fastjson_safemode).
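As an added illustration of the safeMode workaround (example code, not part of this advisory or of the fastjson project): with safeMode switched on, fastjson refuses every "@type" directive before any class lookup, so the autoType bypass has nothing to reach. The JSON inputs are constructed and the class name in the "@type" document is a placeholder.

```java
import com.alibaba.fastjson.JSON;
import com.alibaba.fastjson.JSONException;
import com.alibaba.fastjson.parser.ParserConfig;

// Checks that the CVE-2022-25845 workaround is actually in effect: once safeMode is on,
// fastjson rejects every "@type" directive up front, independent of the autoType denylist.
public class FastjsonSafeModeCheck {

    // The plain bean the application expects to receive.
    public static class Greeting {
        private String message;
        public String getMessage() { return message; }
        public void setMessage(String message) { this.message = message; }
    }

    // Constructed inputs: a normal document and one carrying an "@type" directive
    // (the class name is a placeholder; under safeMode it is never looked up).
    static final String BENIGN = "{\"message\":\"hello\"}";
    static final String TYPED  = "{\"@type\":\"com.example.NotExpected\",\"message\":\"hello\"}";

    // Global switch; the same effect comes from -Dfastjson.parser.safeMode=true on the JVM.
    static void enableSafeMode() {
        ParserConfig.getGlobalInstance().setSafeMode(true);
    }

    // True when the "@type" document is rejected while the benign one still parses.
    static boolean typeDirectiveIsRejected() {
        Greeting g = JSON.parseObject(BENIGN, Greeting.class);
        if (g == null || !"hello".equals(g.getMessage())) {
            return false; // ordinary traffic must keep working
        }
        try {
            JSON.parseObject(TYPED, Greeting.class);
            return false; // "@type" was honoured: safeMode is not in effect
        } catch (JSONException e) {
            // fastjson reports a message along the lines of "safeMode not support autoType : <name>"
            return true;
        }
    }

    public static void main(String[] args) {
        enableSafeMode();
        System.out.println(typeDirectiveIsRejected()
            ? "safeMode active: @type rejected"
            : "WARNING: @type still accepted, check the fastjson version and settings");
    }
}
```

Run this once at startup in a staging build to confirm the setting survives any later ParserConfig changes in the application.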

Vulnerable Products

alibaba fastjson

oracle communications cloud native core unified data repository 22.2.0

Vendor Advisories

Synopsis: Important: Red Hat Fuse 7.11.0 release and security update. Type/Severity: Security Advisory: Important. Topic: A minor version update (from 7.10 to 7.11) is now available for Red Hat Fuse. The purpose of this text-only errata is to inform you about the security issues fixed in this release. Red Hat Product Security has rated this update ...
A flaw was found in com.alibaba:fastjson, a fast JSON parser/generator for Java. Affected versions of this package are vulnerable to Deserialization of Untrusted Data by bypassing the default autoType shutdown restrictions, which is possible under certain conditions ...

GitHub Repositories

CVE-2022-25845-exploit: Try exploiting this CVE by studying some articles: jfrog.com/blog/cve-2022-25845-analyzing-the-fastjson-auto-type-bypass-rce-vulnerability/ and www.freebuf.com/vuls/339752.html. This is my analysis: github.com/nerowander/CVE-2022-25845-exploit/blob/main/CVE-2022-25845.pdf

a scenario based on CVE-2022-25845 yielding a TP for metadata based SCA but a FN if the callgraph is used

json.org CVE-2022-45688 true & false positive (WTF ??). The project contains a fastjson dependency with CVE-2022-25845. The vulnerability occurs as markup in JSON is interpreted as Java beans, i.e. classes are instantiated and properties are set by executing setter methods. This is done using reflection. If a class is in the classpath where setters can trigger behaviour

[20,000-word original] Learning fastjson vulnerabilities from zero (basics), WeChat official account: 追梦信安

0. Preface and table of contents: When I was learning Java vulnerabilities I found it very painful and did not know where to start, because my Java fundamentals were really poor, and the articles on this topic online either gave me, as a beginner, the feeling that they were unfathomable and impossible to understand without a solid foundation, or were written far too briefly, without a systematic, plain-spoken, beginner-friendly