CVE-2022-40146 PoC — Jar url should be blocked by DefaultScriptSecurity

Source

https://github.com/soulfoodisgood/CVE-2022-40146

Associated Vulnerability

Title:Jar url should be blocked by DefaultScriptSecurity (CVE-2022-40146)
Description:Server-Side Request Forgery (SSRF) vulnerability in Batik of Apache XML Graphics allows an attacker to access files using a Jar url. This issue affects Apache XML Graphics Batik 1.14.

Description

Vulnerable svg-to-png service

File Snapshot


 [4.0K]  /data/pocs/493cd7470202c0a78a045d3e39f21f7c8be62690
├── [2.5K]  ApacheBatik_SSRF_RCE_Poc-1.0-SNAPSHOT.jar
└── [4.0K]  SvgToJpeg
    ├── [   0]  demo.jpg
    ├── [2.8K]  pom.xml
    ├── [4.0K]  src
    │   └── [4.0K]  main
    │       ├── [4.0K]  java
    │       │   └── [4.0K]  com
    │       │       └── [4.0K]  example
    │       │           └── [4.0K]  svgtojpg
    │       │               ├── [1.6K]  SvgController.java
    │       │               └── [ 333]  SvgToJpegApplication.java
    │       └── [4.0K]  resources
    │           └── [  17]  application.properties
    └── [4.0K]  target
        ├── [4.0K]  classes
        │   ├── [  17]  application.properties
        │   └── [4.0K]  com
        │       └── [4.0K]  example
        │           └── [4.0K]  svgttojpeg
        │               ├── [2.7K]  SvgController.class
        │               └── [ 730]  SvgToJpegApplication.class
        └── [4.0K]  maven-status
            └── [4.0K]  maven-compiler-plugin
                └── [4.0K]  compile
                    └── [4.0K]  default-compile
                        ├── [  93]  createdFiles.lst
                        └── [ 177]  inputFiles.lst

17 directories, 11 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. Local POC snapshots are reserved for subscribers — if the original source is unavailable, the local mirror is part of the paid plan.

View subscription plans →

Goal Reached Thanks to every supporter — we hit 100%!