Vulnerability Details CVE-2022-35411
rpc.py through 0.6.0 allows Remote Code Execution because an unpickle occurs when the "serializer: pickle" HTTP header is sent. In other words, although JSON (not Pickle) is the default data format, an unauthenticated client can cause the data to be processed with unpickle.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.709
EPSS Ranking 98.6%
CVSS Severity
CVSS v3 Score 9.8
CVSS v2 Score 7.5
References
- http://packetstormsecurity.com/files/167872/rpc.py-0.6.0-Remote-Code-Execution.html
- https://github.com/abersheeran/rpc.py/commit/491e7a841ed9a754796d6ab047a9fb16e23bf8bd
- https://github.com/ehtec/rpcpy-exploit
- https://medium.com/%40elias.hohl/remote-code-execution-0-day-in-rpc-py-709c76690c30
- http://packetstormsecurity.com/files/167872/rpc.py-0.6.0-Remote-Code-Execution.html
- https://github.com/abersheeran/rpc.py/commit/491e7a841ed9a754796d6ab047a9fb16e23bf8bd
- https://github.com/ehtec/rpcpy-exploit
- https://medium.com/%40elias.hohl/remote-code-execution-0-day-in-rpc-py-709c76690c30
Products affected by CVE-2022-35411
-
cpe:2.3:a:rpc.py_project:rpc.py:0.4.2
-
cpe:2.3:a:rpc.py_project:rpc.py:0.4.3
-
cpe:2.3:a:rpc.py_project:rpc.py:0.5.0
-
cpe:2.3:a:rpc.py_project:rpc.py:0.5.1
-
cpe:2.3:a:rpc.py_project:rpc.py:0.6.0