CVE-2022-40634: FreeMarker Server-Side Template Injection in CrafterCMS

mbadanoiu/CVE-2022-40634


By inserting malicious content in an FTL template, an attacker may perform SSTI (Server-Side Template Injection) attacks, which can leverage objects exposed by FreeMarker to bypass restrictions and obtain RCE (Remote Code Execution).

Vendor Disclosure:

The vendor's disclosure and fix for this vulnerability can be found here.

Requirements:

This vulnerability requires:

  • Valid user credentials

Proof Of Concept:

More details and the exploitation process can be found in this PDF.

Additional Resources:

Initial vulnerability (CVE-2020-25803) and blog post by Alvaro "pwntester" Munoz that inspired the SSTI research and the finding of this vulnerability.