CVE-2022-41279

Risk Scores

Affected Products

Exploit Intelligence

• Kouf320/attacker-lab-cve-2017-5638-cve-2021-41773-paper (github-poc)
• Kouf320/attacker-lab-cve-2017-5638-cve-2021-41773-paper (github-poc)
• Kouf320/attacker-lab-cve-2017-5638-cve-2021-41773-paper (github-poc)
• Kouf320/attacker-lab-cve-2017-5638-cve-2021-41773-paper (github-poc)
• Kouf320/attacker-lab-cve-2017-5638-cve-2021-41773-paper (github-poc)
• Kouf320/attacker-lab-cve-2017-5638-cve-2021-41773-paper (github-poc)
• Using Struts2 and PowerShell to recreate CVE-2017-5638 OGNL Injection vulnerability. (github-poc)
• Using Struts2 and PowerShell to recreate CVE-2017-5638 OGNL Injection vulnerability. (github-poc)
• Using Struts2 and PowerShell to recreate CVE-2017-5638 OGNL Injection vulnerability. (github-poc)
• Using Struts2 and PowerShell to recreate CVE-2017-5638 OGNL Injection vulnerability. (github-poc)

…and 536 more exploits

Timeline

• Oct 2, 2020 PoC Published
• Nov 6, 2020 PoC Published
• Sep 6, 2021 PoC Published
• Dec 12, 2022 CVE Published
• Dec 14, 2022 EPSS Score
• Jan 25, 2023 EPSS Score
• Mar 7, 2023 EPSS Score
• Mar 8, 2023 EPSS Score
• Apr 18, 2023 EPSS Score
• May 30, 2023 EPSS Score
• Jul 11, 2023 EPSS Score
• Aug 22, 2023 EPSS Score

References

• https://wid.cert-bund.de/.well-known/csaf/white/2022/wid-sec-w-2022-2296.json advisory
• https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2022-2296 advisory
• https://cert-portal.siemens.com/productcert/pdf/ssa-700053.pdf advisory
• https://cert-portal.siemens.com/productcert/pdf/ssa-360681.pdf advisory