JAI-EXT code execution | CVE-2022-24816

April 19, 2022

NAME

JAI-EXT code execution

  • Platforms Affected:
    JAI-EXT JAI-EXT 1.1.21
  • Risk Level:
    10
  • Exploitability:
    Unproven
  • Consequences:
    Gain Access

DESCRIPTION

JAI-EXT could allow a remote attacker to execute arbitrary code on the system. By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system.

CVSS 3.0 Information

  • Privileges Required: None
  • User Interaction: None
  • Scope: Changed
  • Access Vector: Network
  • Access Complexity: Low
  • Confidentiality Impact: High
  • Integrity Impact: High
  • Availability Impact: High
  • Remediation Level: Official Fix

MITIGATION

Refer to JAI-EXT GIT Repository for patch, upgrade or suggested workaround information. See References.

  • Reference Link:
    https://github.com/geosolutions-it/jai-ext/security/advisories/GHSA-v92f-jx6p-73rx
  • Reference Link:
    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24816

If you like the site, please consider joining the telegram channel and supporting us on Patreon using the button below.

Digital Patreon Wordmark FieryCoralv2

You may have missed

Cobalt Strike

Cobalt Strike Beacon Detected – 52[.]231[.]10[.]139:8080

November 23, 2024
Cobalt Strike

Cobalt Strike Beacon Detected – 54[.]224[.]145[.]120:443

November 23, 2024
Cobalt Strike

Cobalt Strike Beacon Detected – 118[.]193[.]37[.]157:8889

November 23, 2024
Cobalt Strike

Cobalt Strike Beacon Detected – 103[.]225[.]196[.]197:80

November 23, 2024
Cobalt Strike

Cobalt Strike Beacon Detected – 101[.]201[.]247[.]232:4433

November 23, 2024