CVE-2022-39197

Published: 22/09/2022 Updated: 22/09/2022
CVSS v3 Base Score: 6.1 | Impact Score: 2.7 | Exploitability Score: 2.8

Vulnerability Summary

An XSS (Cross-Site Scripting) vulnerability was found in HelpSystems Cobalt Strike up to and including 4.7 that allowed a remote malicious user to execute HTML on the Cobalt Strike teamserver. To exploit the vulnerability, one must first inspect a Cobalt Strike payload and then modify the username field in the payload (or create a new payload with the extracted information and then modify that username field to be malformed).

Vulnerable Product

helpsystems cobalt strike

GitHub Repositories

about_cobaltstrike45_cdf: Cobalt Strike 4.5 cracked version; removes the checksum8 signature, bypasses BeaconEye, fixes the stage leak on a wrong path, adds TOTP two-factor verification, fixes CVE-2022-39197, and more.

cve-2022-39197

CVE-2022-39197-POC: CVE-2022-39197 (Cobalt Strike XSS <= 4.7) POC

CVE-2022-39197 patch: a temporary patch for the CVE-2022-39197 Cobalt Strike XSS vulnerability. It disables Swing's HTML support by hooking the isHTMLString method of javax.swing.plaf.basic.BasicHTML. PS: some pages that depend on HTML will no longer render correctly (for example the About page). Usage: put patch.jar in the Cobalt Strike start directory and add a javaagent argument to the Cobalt Strike start parameters to enable the patch: -javaagent:patch

DogCs44: modified version of 4.4. Note: recently people started saying dogcs has a backdoor. I thought, the jar is sitting right there, decompile it and compare it with the original yourself. It leaves me speechless; if you are afraid of a backdoor, just don't use it. PS: when there was none, everyone begged the experts for a copy; once they have it and it won't run, gets countered or drops offline, they say it has a backdoor. Follow-up: so I have decided to stop updating dogcs and will no longer release modified versions.

Cobaltstrike RCE: reproduction of the CVE-2022-39197 vulnerability. Vulnerability summary: the vulnerability exists in Cobalt Strike's Beacon software and may allow an attacker to set a malformed username in the Beacon configuration, triggering XSS and leading to remote code execution on the CS server. Screenshot: obtaining the NTLMv2-SSP hash, provided Cobalt Strike is running on Windows. Reference: www.freebuf.com/vuls/345522.html http

cobaltstrike RCE CVE-2022-39197: change the url parameter to the address and port of the HTTP listener, then change the img url parameter, and run. go build -ldflags "-s -w"

CVE-2022-39197: "ID": "CVE-2022-39197", "STATE": "RESERVED"