CVE-2022-25894

Опубликовано: 26 янв. 2023

Источник: nvd

CVSS3: 9.8

EPSS Низкий

Описание

All versions of the package com.bstek.uflo:uflo-core are vulnerable to Remote Code Execution (RCE) in the ExpressionContextImpl class via jexl.createExpression(expression).evaluate(context); functionality, due to improper user input validation.

Ссылки

https://fmyyy1.github.io/2022/10/23/uflo2rce/
Exploit
Third Party Advisory
https://github.com/youseries/uflo/blob/b3e198bc6523e5a6ba69edd84ba10e05a3b78726/uflo-core/src/main/java/com/bstek/uflo/expr/impl/ExpressionContextImpl.java%23L126
Broken Link
https://security.snyk.io/vuln/SNYK-JAVA-COMBSTEKUFLO-3091112
Third Party Advisory
https://fmyyy1.github.io/2022/10/23/uflo2rce/
Exploit
Third Party Advisory
https://github.com/youseries/uflo/blob/b3e198bc6523e5a6ba69edd84ba10e05a3b78726/uflo-core/src/main/java/com/bstek/uflo/expr/impl/ExpressionContextImpl.java%23L126
Broken Link
https://security.snyk.io/vuln/SNYK-JAVA-COMBSTEKUFLO-3091112
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:uflo_project:uflo:*:*:*:*:*:*:*:*

EPSS

Процентиль: 88%

0.03741

Низкий

9.8 Critical

CVSS3

Дефекты

CWE-94

Связанные уязвимости

GHSA-8m9f-c5p9-wqch