CVE-2022-47879
Published 2023-05-12
Priority P3 · 59 · high · 7.5 CVSS 3.1
AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
EXPLOIT
EPSS: 6.74% (93.1th percentile)
A Remote Code Execution (RCE) vulnerability in /be/rpc.php in Jedox 2020.2.5 allows remote authenticated users to load arbitrary PHP classes from the 'rtn' directory and execute its methods. NOTE: The vendor states that the vulnerability affects installations running version 22.5 or earlier. The issue was resolved with version 23.2 and later versions are not affected.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| jedox | jedox | — | — |
No detection rules found.
Exploit-DB
Jedox 2022.4.2 - Code Execution via RPC Interfaces
exploitdb·2023-05-05·CVSS 7.5
CVE-2022-47879 [HIGH] Jedox 2022.4.2 - Code Execution via RPC Interfaces
---
# Exploit Title: Jedox 2022.4.2 - Code Execution via RPC Interfaces
# Date: 28/04/2023
# Exploit Author: Team Syslifters / Christoph MAHRL, Aron MOLNAR, Patrick PIRKER and Michael WEDL
# Vendor Homepage: https://jedox.com
# Version: Jedox 2022.4 (22.4.2) and older
# CVE : CVE-2022-47879
Introduction
A Remote Code Execution (RCE) vulnerability in /be/rpc.php and /be/erpc.php allows remote authenticated users to load arbitrary PHP classes from the rtn directory and to execute its methods. To exploit this vulnerability, the attacker needs knowledge about loadable classes, their methods and arguments.
Write-Up
See [Docs Syslifters](https://docs.syslifters.com/) for a detailed write-up on how to exploit the vulnerability.
Proof of Conce
Exploit-DB
Jedox 2020.2.5 - Disclosure of Database Credentials via Improper Access Controls
exploitdb·2023-05-05·CVSS 6.5
CVE-2022-47874 [MEDIUM] Jedox 2020.2.5 - Disclosure of Database Credentials via Improper Access Controls
---
# Exploit Title: Jedox 2020.2.5 - Disclosure of Database Credentials via Improper Access Controls
# Date: 28/04/2023
# Exploit Author: Team Syslifters / Christoph MAHRL, Aron MOLNAR, Patrick PIRKER and Michael WEDL
# Vendor Homepage: https://jedox.com
# Version: Jedox 2020.2 (20.2.5) and older
# CVE : CVE-2022-47874
Introduction
Improper access controls in `/tc/rpc` allow remote authenticated users to view details of database connections via the class `com.jedox.etl.mngr.Connections` and the method `getGlobalConnection`. To exploit the vulnerability, the attacker must know the name of the database connection.
Write-Up
See [Docs Syslifters](https://docs.syslifters.com/) for a detailed write-up on how
No writeups or analysis indexed.
http://jedox.com
https://docs.syslifters.com/assets/vulnerability-disclosure/Vulnerability-Disclosure-Jedox-Jedox-04-2023.pdf
https://jedox.mantishub.io/app/issues/57236
https://jedox.mantishub.io/app/issues/57237
https://jedox.mantishub.io/app/issues/57238
https://jedox.mantishub.io/app/issues/57239
Published: 2023-05-12