
Exploit for WAPPLES Web Application Firewall <=6.0 - Hardcoded Credentials (CVE-2022-35413)

Description:

WAPPLES Web Application Firewall through version 6.0 ships with a hardcoded system account, accessible via db/wp.no1 as configured in /opt/penta/wapples/script/wcc_auto_scaling.py. An attacker who knows this account can read system configuration and confidential data, including SSL keys, by sending HTTPS requests to the /webapi/ URI on port 443 or port 5001.
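The root cause here is a credential baked into a helper script on the appliance. The following is an added example, not code from the advisory, from Penta Security, or from the Nuclei template: a small static check that walks a Python file's AST and reports string literals bound to credential-looking names (assignments, keyword arguments and dict keys). The name patterns are assumptions chosen for the example, and the SAMPLE source it scans is constructed to resemble a script that bakes in a service account; it is not the contents of wcc_auto_scaling.py.

```python
"""Static scan for hard-coded credentials in a Python source file.

Added example for this advisory; not code from the WAPPLES product, the
researcher, or the Nuclei template. SAMPLE below is constructed to resemble
a helper script that bakes in a service account, in the spirit of the
wcc_auto_scaling.py file the advisory names. It is NOT that file.
"""
import ast
import re
import sys
from typing import List, Optional, Tuple

# Identifier patterns treated as credential-bearing. These are assumptions
# for the example and deliberately coarse (e.g. "auth" also matches "author").
SECRET_NAME = re.compile(r"pass(word|wd)?|pwd|secret|token|api_?key|auth|cred", re.I)
ACCOUNT_NAME = re.compile(r"user(name)?|login|account", re.I)

Hit = Tuple[int, str, str, str]  # (line, identifier, literal, kind)

# Constructed sample input; the values are placeholders, not real credentials.
SAMPLE = '''\
import subprocess

WCC_USER = "svc-scaler"
WCC_PASSWORD = "Ex@mpleOnly1"
TIMEOUT = 30

def login(session):
    session.post("https://127.0.0.1:5001/webapi/", auth=(WCC_USER, WCC_PASSWORD))
    session.headers["X-Token"] = compute_token()

CONFIG = {"host": "127.0.0.1", "api_key": "constructed-key-0000"}
'''


def _classify(name: str) -> str:
    """Return 'secret', 'account', or '' for an identifier or dict key."""
    if SECRET_NAME.search(name):
        return "secret"
    if ACCOUNT_NAME.search(name):
        return "account"
    return ""


def _str_literal(node) -> Optional[str]:
    """Return the value if node is a string constant, else None."""
    if isinstance(node, ast.Constant) and isinstance(node.value, str):
        return node.value
    return None


def find_hardcoded_credentials(source: str, filename: str = "<source>") -> List[Hit]:
    """Report string literals bound to credential-looking names.

    Covers plain and annotated assignments (NAME = "..."), keyword
    arguments (f(password="...")) and dict entries ({"api_key": "..."}).
    Values read from os.environ, files or function calls are not literals
    and are therefore not reported, which is the point of the check.
    """
    tree = ast.parse(source, filename=filename)
    hits: List[Hit] = []
    for node in ast.walk(tree):
        if isinstance(node, (ast.Assign, ast.AnnAssign)):
            value = _str_literal(node.value)
            if value is None:
                continue
            targets = node.targets if isinstance(node, ast.Assign) else [node.target]
            for target in targets:
                # Handles `NAME = ...` and `obj.NAME = ...`; skips subscripts.
                name = getattr(target, "id", None) or getattr(target, "attr", None)
                kind = _classify(name) if name else ""
                if kind:
                    hits.append((node.lineno, name, value, kind))
        elif isinstance(node, ast.keyword) and node.arg:
            value = _str_literal(node.value)
            kind = _classify(node.arg)
            if value is not None and kind:
                hits.append((node.value.lineno, node.arg, value, kind))
        elif isinstance(node, ast.Dict):
            for key_node, value_node in zip(node.keys, node.values):
                key = _str_literal(key_node) if key_node is not None else None
                value = _str_literal(value_node)
                kind = _classify(key) if key else ""
                if value is not None and kind:
                    hits.append((value_node.lineno, key, value, kind))
    return sorted(hits)


def main(argv: List[str]) -> int:
    """Scan the file named on the command line, or SAMPLE when none is given."""
    if len(argv) > 1:
        with open(argv[1], encoding="utf-8") as fh:
            source, name = fh.read(), argv[1]
    else:
        source, name = SAMPLE, "<constructed sample>"
    hits = find_hardcoded_credentials(source, name)
    for line, ident, literal, kind in hits:
        # Report the length, never the secret itself, so the scan log is safe to share.
        print(f"{name}:{line}: {kind} literal bound to {ident!r} ({len(literal)} chars)")
    return 1 if any(kind == "secret" for *_, kind in hits) else 0


if __name__ == "__main__":
    sys.exit(main(sys.argv))
```

Run it with a path to scan a real file, or with no argument to scan the constructed sample; it exits non-zero when a secret-like literal is found, so it can gate a build or an appliance image check. Reading a credential from os.environ or a file is deliberately not flagged, which is the pattern a fix for this class of bug should move towards.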

Nuclei Template

View the template here: CVE-2022-35413.yaml

Validate with Nuclei

echo "$URL" | nuclei -t ~/nuclei-templates/http/cves/2022/CVE-2022-35413.yaml

The description lists the /webapi/ endpoint on both port 443 and port 5001, so if $URL is only the default HTTPS base URL, rerun the check with the port-5001 base URL of the same host as well.

References:

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35413
https://azuremarketplace.microsoft.com/en/marketplace/apps/penta-security-systems-inc.wapples_sa_v6?tab=Overview
https://nvd.nist.gov/vuln/detail/CVE-2022-35413
https://medium.com/@_sadshade/wapples-web-application-firewall-multiple-vulnerabilities-35bdee52c8fb
https://www.pentasecurity.com/product/wapples/