CVE-2022-37155
published 2022-12-14CVE-2022-37155: RCE in SPIP 3.1.13 through 4.1.2 allows remote authenticated users to execute arbitrary code via the _oups parameter.
PriorityP269high8.8CVSS 3.1
AVNACLPRLUINSUCHIHAH
EPSS
39.97%
98.4th percentile
RCE in SPIP 3.1.13 through 4.1.2 allows remote authenticated users to execute arbitrary code via the _oups parameter.
Affected
7 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | spip | < spip 3.2.11-3+deb11u5 (bullseye) | spip 3.2.11-3+deb11u5 (bullseye) |
| spip | spip | >= 0 < 3.2.11-3+deb11u5 | 3.2.11-3+deb11u5 |
| spip | spip | >= 0 < 4.1.5+dfsg-1 | 4.1.5+dfsg-1 |
| spip | spip | >= 0 < 4.1.5+dfsg-1 | 4.1.5+dfsg-1 |
| spip | spip | >= 0 < 3.1.4-4~deb9u5ubuntu0.1~esm2 | 3.1.4-4~deb9u5ubuntu0.1~esm2 |
| spip | spip | >= 0 < 3.2.7-1ubuntu0.1+esm2 | 3.2.7-1ubuntu0.1+esm2 |
| spip | spip | 3.1.13 – 4.1.2 | — |
Detection & IOCsextracted from sources · hover to see the quote
- →Monitor HTTP requests to SPIP endpoints containing the `_oups` parameter, which is the attack vector for this authenticated RCE vulnerability in SPIP 3.1.13 through 4.1.2. ↗
- ·Exploitation requires prior authentication; unauthenticated attackers cannot directly trigger this RCE. ↗
- ·Affected versions are SPIP 3.1.13 through 4.1.2; Debian fixed versions are 3.2.11-3+deb11u5 (bullseye), 4.1.5+dfsg-1 (forky/sid/trixie). ↗
CVSS provenance
nvdv3.18.8HIGHCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
osv8.8HIGH
vendor_debian8.8HIGH
vendor_ubuntu6.2MEDIUM
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Ubuntu
SPIP vulnerabilities
vendor_ubuntu·2025-03-04·CVSS 6.2
CVE-2022-28959 [MEDIUM] SPIP vulnerabilities
Title: SPIP vulnerabilities
Summary: Several security issues were fixed in spip.
It was discovered that svg-sanitizer, vendored in SPIP, did not properly
sanitize SVG/XML content. An attacker could possibly use this issue to
perform cross site scripting. This issue only affected Ubuntu 24.10.
(CVE-2022-23638)
It was discovered that SPIP did not properly sanitize certain inputs. A
remote attacker could possibly use this issue to perform cross site
scripting. This issue only affected Ubuntu 18.04 LTS. (CVE-2022-28959)
It was discovered that SPIP did not properly sanitize certain inputs. A
remote attacker could possibly use this issue to perform PHP injection
attacks. This issue only affected Ubuntu 18.04 LTS. (CVE-2022-28960)
It was discovered that SPIP did not properly sanitize certain
Debian
CVE-2022-37155: spip - RCE in SPIP 3.1.13 through 4.1.2 allows remote authenticated users to execute ar...
vendor_debian·2022·CVSS 8.8
CVE-2022-37155 [HIGH] CVE-2022-37155: spip - RCE in SPIP 3.1.13 through 4.1.2 allows remote authenticated users to execute ar...
RCE in SPIP 3.1.13 through 4.1.2 allows remote authenticated users to execute arbitrary code via the _oups parameter.
Scope: local
bullseye: resolved (fixed in 3.2.11-3+deb11u5)
forky: resolved (fixed in 4.1.5+dfsg-1)
sid: resolved (fixed in 4.1.5+dfsg-1)
trixie: resolved (fixed in 4.1.5+dfsg-1)
OSV
spip vulnerabilities
osv·2025-03-04·CVSS 6.1
CVE-2022-23638 [MEDIUM] spip vulnerabilities
spip vulnerabilities
It was discovered that svg-sanitizer, vendored in SPIP, did not properly
sanitize SVG/XML content. An attacker could possibly use this issue to
perform cross site scripting. This issue only affected Ubuntu 24.10.
(CVE-2022-23638)
It was discovered that SPIP did not properly sanitize certain inputs. A
remote attacker could possibly use this issue to perform cross site
scripting. This issue only affected Ubuntu 18.04 LTS. (CVE-2022-28959)
It was discovered that SPIP did not properly sanitize certain inputs. A
remote attacker could possibly use this issue to perform PHP injection
attacks. This issue only affected Ubuntu 18.04 LTS. (CVE-2022-28960)
It was discovered that SPIP did not properly sanitize certain inputs. A
remote attacker could possibly use this issue to p
GHSA
GHSA-7c7w-25xj-4mp8: RCE in SPIP 3
ghsa_unreviewed·2022-12-14
CVE-2022-37155 [HIGH] CWE-94 GHSA-7c7w-25xj-4mp8: RCE in SPIP 3
RCE in SPIP 3.1.13 through 4.1.2 allows remote authenticated users to execute arbitrary code via a GET parameter
OSV
CVE-2022-37155: RCE in SPIP 3
osv·2022-12-14·CVSS 8.8
CVE-2022-37155 [HIGH] CVE-2022-37155: RCE in SPIP 3
RCE in SPIP 3.1.13 through 4.1.2 allows remote authenticated users to execute arbitrary code via the _oups parameter.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
https://blog.spip.net/Mise-a-jour-critique-de-securite-sortie-de-SPIP-4-1-5-SPIP-4-0-8-et-SPIP-3-2-16.htmlhttps://github.com/Abyss-W4tcher/ab4yss-wr4iteups/blob/ffa980faa9e3598d49d6fb7def4f7a67cfb5f427/SPIP%20-%20Pentest/SPIP%204.1.2/SPIP_4.1.2_AUTH_RCE/SPIP_4.1.2_AUTH_RCE_Abyss_Watcher_12_07_22.mdhttps://pastebin.com/ZH7CPc8Xhttps://spawnzii.github.io/posts/2022/07/how-we-have-pwned-root-me-in-2022/https://blog.spip.net/Mise-a-jour-critique-de-securite-sortie-de-SPIP-4-1-5-SPIP-4-0-8-et-SPIP-3-2-16.htmlhttps://github.com/Abyss-W4tcher/ab4yss-wr4iteups/blob/ffa980faa9e3598d49d6fb7def4f7a67cfb5f427/SPIP%20-%20Pentest/SPIP%204.1.2/SPIP_4.1.2_AUTH_RCE/SPIP_4.1.2_AUTH_RCE_Abyss_Watcher_12_07_22.mdhttps://pastebin.com/ZH7CPc8Xhttps://spawnzii.github.io/posts/2022/07/how-we-have-pwned-root-me-in-2022/
2022-12-14
Published