Vulnerability Details : CVE-2022-35914
Public exploit exists!
/vendor/htmlawed/htmlawed/htmLawedTest.php in the htmlawed module for GLPI through 10.0.2 allows PHP code injection.
Products affected by CVE-2022-35914
- cpe:2.3:a:glpi-project:glpi:*:*:*:*:*:*:*:*
CVE-2022-35914 is in the CISA Known Exploited Vulnerabilities Catalog
CISA vulnerability name:
Teclib GLPI Remote Code Execution Vulnerability
CISA required action:
Apply updates per vendor instructions.
CISA description:
Teclib GLPI contains a remote code execution vulnerability in the third-party library, htmlawed.
Notes:
https://glpi-project.org/fr/glpi-10-0-3-disponible/, http://www.bioinformatics.org/phplabware/sourceer/sourceer.php?&Sfs=htmLawedTest.php&Sl=.%2Finternal_utilities%2FhtmLawed.; https://nvd.nist.gov/vuln/detail/CVE-2022-35914
Added on
2023-03-07
Action due date
2023-03-28
Exploit prediction scoring system (EPSS) score for CVE-2022-35914
97.51%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 100 % percentile (the proportion of vulnerabilities that are scored at or lower)
Metasploit modules for CVE-2022-35914
- GLPI htmLawed php command injection
  Disclosure Date: 2022-01-26
  First seen: 2022-12-23
  Module: exploit/linux/http/glpi_htmlawed_php_injection
  This exploit takes advantage of an unauthenticated php command injection available from GLPI versions 10.0.2 and below to execute a command.
  Authors: cosad3s, bwatters-r7
CVSS scores for CVE-2022-35914
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen
---|---|---|---|---|---|---
9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 | NIST | 
CWE ids for CVE-2022-35914
- The product constructs all or part of a command, data structure, or record using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify how it is parsed or interpreted when it is sent to a downstream component.
  Assigned by: nvd@nist.gov (Primary)
References for CVE-2022-35914
- https://github.com/Orange-Cyberdefense/CVE-repository/blob/master/PoCs/POC_2022-35914.sh
  CVE-repository/PoCs/POC_2022-35914.sh at master · Orange-Cyberdefense/CVE-repository · GitHub
- http://www.bioinformatics.org/phplabware/sourceer/sourceer.php?&Sfs=htmLawedTest.php&Sl=.%2Finternal_utilities%2FhtmLawed
  source code: ./internal_utilities/htmLawed/htmLawedTest.php | PHP Labware source code viewer
  Tags: Patch; Third Party Advisory
- https://github.com/Orange-Cyberdefense/CVE-repository/
  GitHub - Orange-Cyberdefense/CVE-repository: Repository of CVE found by OCD people
- https://github.com/glpi-project/glpi/releases
  Releases · glpi-project/glpi · GitHub
  Tags: Release Notes; Third Party Advisory
- https://glpi-project.org/fr/glpi-10-0-3-disponible/
  GLPI 10.0.3 available - GLPI Project
  Tags: Release Notes; Vendor Advisory
- https://mayfly277.github.io/posts/GLPI-htmlawed-CVE-2022-35914/
  GLPI htmlawed (CVE-2022-35914) | Mayfly
- http://packetstormsecurity.com/files/169501/GLPI-10.0.2-Command-Injection.html
  GLPI 10.0.2 Command Injection ≈ Packet Storm
  Tags: Exploit; Third Party Advisory; VDB Entry