CVE-2022-40634: FreeMarker Server-Side Template Injection in CrafterCMS

By inserting malicious content in a FTL template, an attacker may perform SSTI (Server-Side Template Injection) attacks, which can leverage FreeMarker exposed objects to bypass restrictions and obtain RCE (Remote Code Execution).

Vendor Disclosure:

The vendor's disclosure and fix for this vulnerability can be found here.

Requirements:

This vulnerability requires:

Valid user credentials

Proof Of Concept:

More details and the exploitation process can be found in this PDF.

Additional Resources:

Initial vulnerability (CVE-2020-25803) and blogpost by Alvaro "pwntester" Munoz that inspired the SSTI research and finding of this vulnerability.

Name		Name	Last commit message	Last commit date
Latest commit History 3 Commits
CrafterCMS - CVE-2022-40634.pdf		CrafterCMS - CVE-2022-40634.pdf
README.md		README.md

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

CrafterCMS - CVE-2022-40634.pdf

CrafterCMS - CVE-2022-40634.pdf

README.md

README.md

Repository files navigation

CVE-2022-40634: FreeMarker Server-Side Template Injection in CrafterCMS

Vendor Disclosure:

Requirements:

Proof Of Concept:

Additional Resources:

About

mbadanoiu/CVE-2022-40634

Folders and files

Latest commit

History

CrafterCMS - CVE-2022-40634.pdf

CrafterCMS - CVE-2022-40634.pdf

README.md

README.md

Repository files navigation

CVE-2022-40634: FreeMarker Server-Side Template Injection in CrafterCMS

Vendor Disclosure:

Requirements:

Proof Of Concept:

Additional Resources:

About

Topics

Resources

Stars

Watchers

Forks