.. / CVE-2022-47986

Exploit for IBM Aspera Faspex <=4.4.2 PL1 - Remote Code Execution (CVE-2022-47986)

Description:

IBM Aspera Faspex through 4.4.2 Patch Level 1 is susceptible to remote code execution via a YAML deserialization flaw. This can allow an attacker to send a specially crafted obsolete API call and thereby execute arbitrary code, obtain sensitive data, and/or execute other unauthorized operations.

Nuclei Template

View the template here CVE-2022-47986.yaml

Validate with Nuclei

echo "$URL" | nuclei -t ~/nuclei-templates/http/cves/2022/CVE-2022-47986.yaml
Copy

References:

https://nvd.nist.gov/vuln/detail/CVE-2022-47986
https://exchange.xforce.ibmcloud.com/vulnerabilities/243512
https://www.ibm.com/support/pages/node/6952319
https://blog.assetnote.io/2023/02/02/pre-auth-rce-aspera-faspex/
http://packetstormsecurity.com/files/171772/IBM-Aspera-Faspex-4.4.1-YAML-Deserialization.html