osv / Google / OSV:GHSA-J7MW-7CRR-658V
May 13, 2022 - 1:17 a.m.

RichFaces vulnerable to arbitrary code execution

2022-05-13 01:17:53
Google
osv.dev

EPSS: 0.708 (High)

Percentile: 98.1%

The RichFaces Framework 3.X through 3.3.4 is vulnerable to Expression Language (EL) injection via the UserResource resource. A remote, unauthenticated attacker could exploit this to execute arbitrary code using a chain of Java serialized objects via `org.ajax4jsf.resource.UserResource$UriData`.