Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
9.8
CVSSv3

CVE-2022-47986

Published: 17/02/2023 Updated: 26/04/2023
CVSS v3 Base Score: 9.8 | Impact Score: 5.9 | Exploitability Score: 3.9
VMScore: 0
Subscribe to Ibm

Vulnerability Summary

IBM Aspera Faspex 4.4.2 Patch Level 1 and previous versions could allow a remote malicious user to execute arbitrary code on the system, caused by a YAML deserialization flaw. By sending a specially crafted obsolete API call, an attacker could exploit this vulnerability to execute arbitrary code on the system. The obsolete API call was removed in Faspex 4.4.2 PL2. IBM X-Force ID: 243512.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

ibm aspera_faspex

ibm aspera_faspex 4.4.2

Github Repositories

https://github.com/mauricelambert/CVE-2022-47986

CVE-2022-47986: Python, Ruby, NMAP and Metasploit modules to exploit the vulnerability.

CVE-2022-47986 Why This vulnerability is exploited in the wild IceFire use this vulnerability to deploy the ransomware on targeted systems, i would like to help SOC/Blue teams to identify impacted systems and Pentesters/Red teams to exploit and report it Description I propose pure python and ruby scripts, metasploit and nmap modules to exploit the vulnerability that causes a

https://github.com/dhina016/CVE-2022-47986

CVE-2022-47986

https://github.com/LubyRuffy/gofofa

fofa client in Go

gofofa fofa client in Go Background The official library doesn't has unittests, 之前官方的库功能不全,代码质量差,完全没有社区活跃度,不符合开源项目的基本要求。因此,想就fofa的客户端作为练手,解决上述问题。 Usage Build and run ~ go install githubcom/LubyRuffy/gofofa/cmd/fofa@latest ~ fofa ~ FOFA_CLIENT_U

https://github.com/ohnonoyesyes/CVE-2022-47986

Aspera Faspex Pre Auth RCE

CVE-2022-47986 Aspera Faspex Pre Auth RCE blogassetnoteio/2023/02/02/pre-auth-rce-aspera-faspex/ Poc Usage: python3 pocpy xxxxx whoami

Recent Articles

Buhti: New Ransomware Operation Relies on Repurposed Payloads
Symantec Threat Intelligence Blog • Threat Hunter Team • 25 May 2024

Attackers use rebranded variants of leaked LockBit and Babuk ransomware payloads but use own custom exfiltration tool.

Posted: 25 May, 20235 Min ReadThreat Intelligence SubscribeFollowtwitterlinkedinBuhti: New Ransomware Operation Relies on Repurposed PayloadsAttackers use rebranded variants of leaked LockBit and Babuk ransomware payloads but use own custom exfiltration tool.A relatively new ransomware operation calling itself Buhti appears to be eschewing developing its own payload and is instead utilizing variants of the leaked LockBit and Babuk ransomware families to ...

Read more...

References

CWE-502https://www.ibm.com/support/pages/node/6952319https://exchange.xforce.ibmcloud.com/vulnerabilities/243512http://packetstormsecurity.com/files/171772/IBM-Aspera-Faspex-4.4.1-YAML-Deserialization.htmlhttps://nvd.nist.govhttps://github.com/mauricelambert/CVE-2022-47986https://www.symantec.com/blogs/threat-intelligence/buhti-ransomware
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-38002CVE-2006-4304CVE-2024-4336CVE-2024-33437CVE-2024-4340CVE-2024-27956privilegeinsecure direct object referenceXSSitem search icon">CVE-2024-25938
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook