CVE-2022-30470
Published: 02 June 2022
Summary
CVE-2022-30470 is a critical-severity vulnerability of unspecified weakness type (no CWE assigned) in Afian FileRun. Its CVSS base score is 9.8 (Critical).
Operationally, it ranks in the top 7.6% of CVEs by exploit likelihood and is not currently listed in the CISA KEV catalog.
Deeper analysis
CVE-2022-30470 is a remote code execution vulnerability in Afian FileRun version 20220202. The issue stems from the application's handling of the "search_tika_path" configuration variable: it can be changed to point at a previously uploaded custom JAR file, which is then executed in the context of the webserver user.
Unauthenticated attackers with network access can exploit the flaw without credentials or user interaction. Successful exploitation yields arbitrary code execution, enabling full compromise of confidentiality, integrity, and availability on the affected server.
The listed references point to the FileRun changelog, indicating that later releases address the configuration handling issue.
The associated EPSS score has remained flat at 0.0829 with no material increase since disclosure.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2022-52353
Vulnerability details
In Afian FileRun 20220202, changing the "search_tika_path" variable to a custom (and previously uploaded) jar file results in remote code execution in the context of the webserver user.
Related Threats
No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.
Affected Assets
Mitigating Controls
No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.