Linux Distros Unpatched Vulnerability : CVE-2022-29622

🗓️ 05 Mar 2025 00:00:00Reported by TenableType

Linux host has unpatched vulnerability CVE-2022-29622; arbitrary file upload risks present.

Reporter	Title	Published	Views	Family All 23
IBM Security Bulletins	Security Bulletin: IBM Cognos Dashboards on Cloud Pak for Data has addressed security vulnerabilities	15 Apr 202502:19	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities affect IBM Db2 On Openshift, IBM Db2® on Cloud Pak for Data and Db2 Warehouse® on Cloud Pak for Data	27 Oct 202215:10	–	ibm
IBM Security Bulletins	Security Bulletin: IBM App Connect Enterprise Certified Container DesignerAuthoring instances may be vulnerable to code injection due to CVE-2022-29622	12 Jul 202209:37	–	ibm
IBM Security Bulletins	Security Bulletin: Netcool Operations Insight v1.6.6 contains fixes for multiple security vulnerabilities.	25 Oct 202213:11	–	ibm
GithubExploit	Exploit for Unrestricted Upload of File with Dangerous Type in Formidable_Project Formidable	5 Jun 202222:15	–	githubexploit
ATTACKERKB	CVE-2022-29622	16 May 202214:15	–	attackerkb
Circl	CVE-2022-29622	16 May 202218:26	–	circl
CNNVD	formidable 代码问题漏洞	16 May 202200:00	–	cnnvd
CVE	CVE-2022-29622	16 May 202200:00	–	cve
Cvelist	CVE-2022-29622	16 May 202200:00	–	cvelist

Source	Link
security-tracker	www.security-tracker.debian.org/tracker/CVE-2022-29622
cve	www.cve.mitre.org/cgi-bin/cvename.cgi

#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
##

include('compat.inc');

if (description)
{
  script_id(224644);
  script_version("1.2");
  script_set_attribute(attribute:"plugin_modification_date", value:"2025/08/18");

  script_cve_id("CVE-2022-29622");

  script_name(english:"Linux Distros Unpatched Vulnerability : CVE-2022-29622");

  script_set_attribute(attribute:"synopsis", value:
"The Linux/Unix host has one or more packages installed with a vulnerability that the vendor indicates will not be
patched.");
  script_set_attribute(attribute:"description", value:
"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied
patch available.

  - An arbitrary file upload vulnerability in formidable v3.1.4 allows attackers to execute arbitrary code via
    a crafted filename. NOTE: some third parties dispute this issue because the product has common use cases
    in which uploading arbitrary files is the desired behavior. Also, there are configuration options in all
    versions that can change the default behavior of how files are handled. Strapi does not consider this to
    be a valid vulnerability. (CVE-2022-29622)

Note that Nessus relies on the presence of the package as reported by the vendor.");
  script_set_attribute(attribute:"see_also", value:"https://security-tracker.debian.org/tracker/CVE-2022-29622");
  script_set_attribute(attribute:"solution", value:
"There is no known solution at this time.");
  script_set_attribute(attribute:"agent", value:"unix");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2022-29622");

  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");
  script_set_attribute(attribute:"vendor_unpatched", value:"true");

  script_set_attribute(attribute:"vuln_publication_date", value:"2022/05/16");
  script_set_attribute(attribute:"plugin_publication_date", value:"2025/03/05");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:debian:debian_linux:11.0");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:debian:debian_linux:node-formidable");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Misc.");

  script_copyright(english:"This script is Copyright (C) 2025 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("set_linux_os_id.nasl", "ssh_get_info2.nasl");
  script_require_keys("Host/OS/identifier", "Host/cpu", "Host/local_checks_enabled", "global_settings/vendor_unpatched");
  script_require_ports("Host/OS/Debian Linux-11");

  exit(0);
}

if (!get_kb_item("global_settings/vendor_unpatched")) exit(0, "Unpatched Vulnerabilities Detection not active.");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
if (empty_or_null(get_one_kb_item("Host/Debian/dpkg-l"))) audit(AUDIT_PACKAGE_LIST_MISSING);

include('linux_unpatched.inc');

var distro_constraints_array = {
  "Debian Linux-11": {
    "package_manager": "dpkg-l",
    "constraints": [
      {
        "release": "11",
        "pkgs": [
          {"reference": "node-formidable"}
        ]
      }
    ]
  }
};

var distro_constraints_values = linux_unpatched::get_distro_constraints(distro_constraints_arr:distro_constraints_array);
if (empty_or_null(distro_constraints_values)) audit(AUDIT_HOST_NOT, 'affected');
var report = linux_unpatched::check_unpatched_constraints(distro_constraints_values:distro_constraints_values);

if (!empty_or_null(report))
{
  security_report_v4(
      port       : 0,
      severity   : SECURITY_HOLE,
      extra      : report
  );
  exit(0);
}
else
{
  audit(AUDIT_HOST_NOT, 'affected');
}

18 Aug 2025 00:00Current

8.6High risk

Vulners AI Score8.6

CVSS 27.5

CVSS 3.19.8

EPSS0.24463

SSVC