9.8

CVSS Score

3.1

Basic Information

CVE ID

CVE-2022-35411

GHSA ID

GHSA-8rq8-f485-7v8x

EPSS Score

0.98559%

CWE

CWE-502

Published

7/9/2022

Updated

4/22/2024

KEV Status

Technology

Python

Concerned about an active attack path?

Talk to our security experts and see Miggo in action.

Miggo Vulnerability Database

→

CVE-2022-35411

CVE-2022-35411: rpc.py vulnerable to Deserialization of Untrusted Data

rpc.py through 0.6.0 allows Remote Code Execution because an unpickle occurs when the "serializer: pickle" HTTP header is sent. In other words, although JSON (not Pickle) is the default data format, an unauthenticated client can cause the data to be processed with unpickle.

Per the maintainer, rpc.py is not designed for an API that is open to the outside world, and external requests cannot reach rpc.py in real world use.

A fix exists on the master branch. As a workaround, use the following code to turn off pickle in older versions:

del SERIALIZER_NAMES[PickleSerializer.name]
del SERIALIZER_TYPES[PickleSerializer.content_type]

(GitHub Advisory)

9.8

CVSS Score

3.1

Basic Information

CVE ID

CVE-2022-35411

GHSA ID

GHSA-8rq8-f485-7v8x

EPSS Score

0.98559%

CWE

CWE-502

Published

7/9/2022

Updated

4/22/2024

KEV Status

Technology

Python

Technical Details

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Package Name	Ecosystem	Vulnerable Versions	First Patched Version
rpc.py	pip	>= 0.4.2, <= 0.6.0

Vulnerability Intelligence
Miggo AI

Root Cause Analysis

The vulnerability stems from two connected factors: 1) The PickleSerializer.decode method directly uses unsafe pickle.loads() deserialization. 2) The serializer registry allows clients to activate this dangerous serializer via HTTP headers. The commit fix removes PickleSerializer from these registries, and exploit analysis shows RCE occurs when malicious payloads reach the decode method. Both the deserialization implementation and the serializer selection mechanism are required for the vulnerability to exist.

Vulnerable functions

Only Mi**o us*rs **n s** t*is s**tion

WAF Protection Rules

WAF Rule

rp*.py t*rou** *.*.* *llows R*mot* *o** *x**ution ****us* *n unpi*kl* o**urs w**n t** "s*ri*liz*r: pi*kl*" *TTP *****r is s*nt. In ot**r wor*s, *lt*ou** JSON (not Pi*kl*) is t** ****ult **t* *orm*t, *n un*ut**nti**t** *li*nt **n **us* t** **t* to **

Reasoning

T** vuln*r**ility st*ms *rom two *onn**t** ***tors: *) T** Pi*kl*S*ri*liz*r.***o** m*t*o* *ir**tly us*s uns*** pi*kl*.lo**s() **s*ri*liz*tion. *) T** s*ri*liz*r r**istry *llows *li*nts to **tiv*t* t*is **n**rous s*ri*liz*r vi* *TTP *****rs. T** *ommi

9.8

Basic Information

Concerned about an active attack path?

CVE-2022-35411: rpc.py vulnerable to Deserialization of Untrusted Data

9.8

Basic Information

Technical Details

Vulnerability IntelligenceMiggo AI

Root Cause Analysis

Vulnerable functions

WAF Protection Rules

WAF Rule

Reasoning

Vulnerability Intelligence
Miggo AI