CVE-2022-27043
published 2022-04-15CVE-2022-27043: Yearning versions 2.3.1 and 2.3.2 Interstellar GA and 2.3.4 - 2.3.6 Neptune is vulnerable to Directory Traversal.
PriorityP357high7.5CVSS 3.1
AVNACLPRNUINSUCHINAN
EXPLOIT
EPSS
6.02%
92.4th percentile
Yearning versions 2.3.1 and 2.3.2 Interstellar GA and 2.3.4 - 2.3.6 Neptune is vulnerable to Directory Traversal.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| yearning | yearning | — | — |
| yearning | yearning | — | — |
| yearning | yearning | 2.3.4 – 2.3.6 | — |
Detection & IOCsextracted from sources · hover to see the quote
url/front//%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c/etc/passwd↗
url/front//%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c/windows/win.ini↗
- →Match HTTP GET requests to the /front/ endpoint containing URL-encoded backslash traversal sequences (%5c..%5c) in the path, with a 200 response, Content-Type of text/plain, and body matching 'root:.*:0:0:' (Linux) or both '[fonts]' and 'for 16-bit app support' (Windows). ↗
- →The traversal payload uses a double-slash followed by URL-encoded backslashes (//%5c..%5c) at the /front/ endpoint — detect this specific pattern in HTTP access logs or WAF telemetry as an exploitation indicator. ↗
- →The vulnerability is unauthenticated (PR:N, UI:N); no session token or credentials are required. Monitor for directory traversal attempts against Yearning instances identifiable via FOFA query app="Yearning". ↗
- ·Affected versions are specifically Yearning 2.3.1, 2.3.2 (Interstellar GA), and 2.3.4–2.3.6 (Neptune). Detection rules should be scoped to these versions to reduce false positives. ↗
- ·The Nuclei template uses stop-at-first-match across two payloads (Linux /etc/passwd and Windows win.ini), meaning only one request will be sent per target. Detection logic should account for both OS variants. ↗
CVSS provenance
nvdv3.17.5HIGHCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
nvdv2.05.0MEDIUMAV:N/AC:L/Au:N/C:P/I:N/A:N
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
Nuclei
Yearning - Directory Traversal
nuclei·CVSS 7.5
CVE-2022-27043 [HIGH] Yearning - Directory Traversal
Yearning - Directory Traversal
Yearning has a directory traversal vulnerability that can be exploited by attackers to obtain sensitive information. The vulnerability is present in multiple versions of Yearning.
Template:
id: CVE-2022-27043
info:
name: Yearning - Directory Traversal
author: Co5mos
severity: high
description: |
Yearning has a directory traversal vulnerability that can be exploited by attackers to obtain sensitive information. The vulnerability is present in multiple versions of Yearning.
impact: |
Unauthenticated attackers can exploit directory traversal to read arbitrary files from the Yearning database management system, potentially accessing sensitive configuration files, credentials, and SQL audit logs.
remediation: |
Update Yearning to a patched version that properl
2022-04-15
Published