CVE-2022-25237: Authorization Bypass Leading to RCE in Bonitasoft Web

Information

Description: This vulnerability allows authorization bypass and remote code exection in Bonitasoft web.
Versions Affected: 2022.1
Version Fixed:
For community:

2022.1-u0 (7.14.0) For subscription:
2022.1-u0 (7.14.0)
2021.2-u4 (7.13.4)
2021.1-0307 (7.12.11)
7.11.7
Researcher: David Yesland (https://twitter.com/daveysec)
Disclosure Link: https://rhinosecuritylabs.com/application-security/cve-2022-25237-bonitasoft-authorization-bypass/
NIST CVE Link: https://nvd.nist.gov/vuln/detail/CVE-2022-25237

Proof-of-Concept Exploit

Description

By appending ";i18ntranslation" or "/i18ntranslation/../" to certain API URLs it is possible to bypass authorization for unprivilged users and access privileged APIs. This allows an API extension to be deployed and execute code remotely.

Usage/Exploitation

Usage: python3 .\exploit.py <username> <password> http://localhost:8080/bonita 'cat /etc/passwd'

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

README.md

README.md

CVE-2022-25237: Authorization Bypass Leading to RCE in Bonitasoft Web

Information

Proof-of-Concept Exploit

Description

Usage/Exploitation

Screenshot

Files

README.md

Latest commit

History

README.md

File metadata and controls

CVE-2022-25237: Authorization Bypass Leading to RCE in Bonitasoft Web

Information

Proof-of-Concept Exploit

Description

Usage/Exploitation

Screenshot