Lucene search

SnykCVELIST:CVE-2022-21167

HistoryMay 01, 2022 - 3:30 p.m.

CVE-2022-21167 Arbitrary Code Execution

2022-05-0115:30:17

snyk

www.cve.org

cve-2022-21167

arbitrary code execution

binaryformatter

socketclient

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

AI Score

9.9

Confidence

High

EPSS

0.004

Percentile

73.2%

JSON

All versions of package masuit.tools.core are vulnerable to Arbitrary Code Execution via the ReceiveVarData<T> function in the SocketClient.cs component. The socket client in the package can pass in the payload via the user-controllable input after it has been established, because this socket client transmission does not have the appropriate restrictions or type bindings for the BinaryFormatter.

CNA Affected

[
  {
    "product": "Masuit.Tools.Core",
    "vendor": "n/a",
    "versions": [
      {
        "lessThan": "unspecified",
        "status": "affected",
        "version": "0",
        "versionType": "custom"
      }
    ]
  }
]

References

github.com/ldqk/Masuit.Tools/blob/327f42b9f20f25bb66188672199c8265fc968d91/Masuit.Tools.Abstractions/Net/SocketClient.cs%23L197

snyk.io/vuln/SNYK-DOTNET-MASUITTOOLSCORE-2316875

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

AI Score

9.9

Confidence

High

EPSS

0.004

Percentile

73.2%

JSON

Related for CVELIST:CVE-2022-21167