Rewterz Threat Advisory – Multiple SolarWinds Platform Vulnerabilities

Severity

High

Analysis Summary

CVE-2023-23836 CVSS:8.8

SolarWinds Platform could allow a remote authenticated attacker to execute arbitrary commands on the system, caused by an unsafe deserialization flaw. By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary commands on the system.

CVE-2022-47507 CVSS:8.8

SolarWinds Platform could allow a remote authenticated attacker to execute arbitrary commands on the system, caused by an unsafe deserialization flaw. By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary commands on the system.

CVE-2022-47506 CVSS:8.8

SolarWinds Platform could allow a remote authenticated attacker to traverse directories on the system, caused by improper validation of user request. An attacker could send a specially-crafted URL request containing “dot dot” sequences (/../) to execute arbitrary commands on the system.

CVE-2022-47504 CVSS:8.8

SolarWinds Platform could allow a remote authenticated attacker to execute arbitrary commands on the system, caused by caused by an unsafe deserialization flaw. By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary commands on the system.

CVE-2022-47503 CVSS:8.8

SolarWinds Platform could allow a remote authenticated attacker to execute arbitrary commands on the system, caused by caused by an unsafe deserialization flaw. By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary commands on the system.

CVE-2022-38111 CVSS:7.2

SolarWinds Platform could allow a remote authenticated attacker to execute arbitrary commands on the system, caused by caused by an unsafe deserialization flaw. By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary commands on the system.

Impact

Command Execution
Gain Access

Indicators Of Compromise

CVE

CVE-2023-23836
CVE-2022-47507
CVE-2022-47506
CVE-2022-47504
CVE-2022-47503
CVE-2022-38111

Affected Vendors

SolarWinds

Affected Products

SolarWinds Platform 2022.4.1

Remediation

Refer to SolarWinds Web site for patch, upgrade or suggested workaround information.

Rewterz Annual Threat Intelligence Report 2024 - Download Now

Rewterz Annual Threat Intelligence Report 2024 - Download Now

Platform

Managed Security Services

Managed Penetration Testing

Assess

Transform

Train

Respond

Resources

GitHub Tools Deployed in CrazyHunter Ransomware Campaigns – Active IOCs

North Korean APT Kimsuky aka Black Banshee – Active IOCs

Sophisticated BPFDoor Malware Detected Targeting Linux Systems – Active IOCs

Threat Insights

About Us

Our Leadership

CSR

Connect with Us

Rewterz Threat Advisory – Multiple Cisco Nexus Dashboard Vulnerabilities

Rewterz Threat Alert – RecordBreaker Malware – Active IOCs

The Wait Is Over!

The Rewterz Annual Threat Intelligence Report 2024 is finally here.