virus logo Intrusion Prevention

WSO2.fileupload.Arbitrary.File.Upload

description-logoDescription

This indicates an attack attempt to exploit an Arbitrary File Upload Vulnerability in the affected WSO2 products.
This vulnerability is due to improper user input validation, allowing arbitrary file upload via the /fileupload endpoint. An unauthenticated attacker could exploit this vulnerability by sending a crafted request to the target server. Successful exploitation of this vulnerability could result in remote code execution.

affected-products-logoAffected Products

WSO2 API Manager 2.2.0 and above through 4.0.0
WSO2 Identity Server 5.2.0 and above through 5.11.0
WSO2 Identity Server Analytics 5.4.0, 5.4.1, 5.5.0, and 5.6.0
WSO2 Identity Server as Key Manager 5.3.0 and above through 5.10.0
WSO2 Enterprise Integrator 6.2.0 and above through 6.6.0

Impact logoImpact

System Compromise: Remote attackers can gain control of vulnerable systems.

recomended-action-logoRecommended Actions

Refer to the vendor's website for suggested workaround:
https://docs.wso2.com/display/Security/Security+Advisory+WSO2-2021-1738

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)

Version Updates

Date Version Detail
2022-06-07 21.334 Default_action:pass:drop
2022-05-10 20.312
ID 51501
Created Apr 28, 2022
Updated Jun 06, 2022
Threat Signal View Report
Risk black-background-circle-icon black-background-circle-icon black-background-circle-icon black-background-circle-icon black-background-circle-icon
CVE ID CVE-2022-29464
Known Exploited Yes
Exploit Prediction Score 97.25%
Default Action drop
Active
Affected OS All
Affected App Other