
CVE-2022-33977: untangle vulnerable to XML Entity Expansion

CVSS Score: 7.5

Basic Information

EPSS Score: -
Published: 8/6/2022
Updated: 11/18/2024
KEV Status: No
Technology: Python

Technical Details

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Package Name: untangle
Ecosystem: pip
Vulnerable Versions: < 1.2.1
First Patched Version: 1.2.1

Vulnerability Intelligence

Root Cause Analysis

The vulnerability stems from an insecure XML parser configuration: the library parsed untrusted input with a parser that processes DTDs and expands entities. The 1.2.1 patch notes explicitly mention switching to defusedxml's parser to fix security issues. Since untangle's primary interface is the parse() function, and XML entity expansion vulnerabilities are triggered at the XML parsing entry point, parse() was the vulnerable function while it used the insecure parser. The CWE-776 description (unrestricted recursive entity references in DTDs) confirms that the issue lies in DTD handling during XML parsing.
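As an added example (not untangle's code and not defusedxml's), the following shows the class of defence the 1.2.1 move to defusedxml provides, implemented on the standard library's expat hooks: a pre-parse pass that rejects any DOCTYPE or entity declaration before expansion can begin, beside the default ElementTree behaviour that silently expands internal entities. The two sample documents are constructed for the demonstration.

```python
import xml.parsers.expat
import xml.etree.ElementTree as ET

# Constructed sample documents (not from the advisory): a benign record and one
# whose internal DTD declares nested entities, the CWE-776 pattern in miniature.
BENIGN_XML = b"<root><child name='a'>text</child></root>"
NESTED_ENTITY_XML = b"""<?xml version="1.0"?>
<!DOCTYPE root [
  <!ENTITY a "xxxxxxxx">
  <!ENTITY b "&a;&a;&a;&a;">
]>
<root>&b;</root>"""


class ForbiddenDtd(ValueError):
    """Raised when a document carries a DOCTYPE or entity declaration."""


def reject_dtd(xml_bytes: bytes) -> None:
    """Scan with a bare expat parser and abort at the first DTD construct.

    The handlers fire when the declaration itself is read, before any entity
    is expanded in content, so the check is one linear pass over the input.
    """
    parser = xml.parsers.expat.ParserCreate()

    def on_doctype(name, sysid, pubid, has_internal_subset):
        raise ForbiddenDtd(f"DOCTYPE {name!r} is not allowed")

    def on_entity_decl(*_args):
        raise ForbiddenDtd("entity declarations are not allowed")

    parser.StartDoctypeDeclHandler = on_doctype
    parser.EntityDeclHandler = on_entity_decl
    parser.Parse(xml_bytes, True)  # a handler exception propagates out of Parse()


def safe_parse(xml_bytes: bytes) -> ET.Element:
    """Hardened entry point: refuse DTDs first, then parse with ElementTree."""
    reject_dtd(xml_bytes)
    return ET.fromstring(xml_bytes)


def rejects_dtd(xml_bytes: bytes) -> bool:
    """True if safe_parse() refuses the document, False if it parses it."""
    try:
        safe_parse(xml_bytes)
    except ForbiddenDtd:
        return True
    return False


def default_expansion_length(xml_bytes: bytes) -> int:
    """Root text length after the default parser expands internal entities."""
    return len(ET.fromstring(xml_bytes).text or "")
```

With the defaults, the 8-character entity referenced four times already yields 32 characters of root text; each extra nesting level multiplies that again, which is why the hardened path refuses the DTD outright instead of parsing and measuring.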

### Impact

An attacker may be able to cause a denial-of-service (DoS) condition on the server on which the product is running. This affects untangle versions up to and including [version masked on the page].

### Patches

The problem has been fixed with version 1.2.1.

### Wo