Wso2_Vul_Analysis_cve_2022_29464
0x00 Official information
On Apr 20,I found that someone posted a meesage on twitter.It was a message about cve-2022-29464.
Actually, we can get a lot of information of this vuln from wso2 official website and cve website.
1 | https://docs.wso2.com/display/Security/Security+Advisory+WSO2-2021-1738 |
Obviously,it is an unrestricted arbitrary file upload vulnerability.I installed a test enviroment and analyse the patch,so that I got the real poc by using reverse engineering.
1 | https://github.com/wso2/product-apim/releases |