CVE-2022-23623

8.1 HIGH

📋 TL;DR

CVE-2022-23623 is an input validation vulnerability in the Frourio TypeScript framework where validators fail to properly validate request bodies and queries in specific situations, allowing unvalidated input to pass through. This affects Frourio users running versions prior to v0.26.0 who have integrated class-validator through the validators/ folder. The vulnerability could allow attackers to bypass input validation controls.

💻 Affected Systems

Products:
  • Frourio
Versions: All versions prior to v0.26.0
Operating Systems: All
Default Config Vulnerable: ✅ No
Notes: Only affects configurations using class-validator integration through the validators/ folder. Pure Frourio installations without this integration are not vulnerable.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Attackers could inject malicious payloads that bypass validation, potentially leading to remote code execution, data corruption, or privilege escalation depending on how the unvalidated input is processed.

🟠 Likely Case

Input validation bypass allowing injection attacks (SQL injection, XSS, command injection) or business logic manipulation through malformed requests.

🟢 If Mitigated

With proper input validation at other layers or strict output encoding, impact could be limited to minor data integrity issues.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Exploitation requires sending specially crafted requests to endpoints that would normally validate input. No authentication bypass is needed if endpoints are publicly accessible.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: v0.26.0 and later

Vendor Advisory: https://github.com/frouriojs/frourio/security/advisories/GHSA-8xxm-h73r-ghfj

Restart Required: Yes

Instructions:

1. Update Frourio to v0.26.0 or later using npm: npm update frourio@^0.26.0
2. Install required dependencies: npm install class-transformer reflect-metadata
3. Restart the application server.

🔧 Temporary Workarounds

Disable vulnerable endpoints (applies to: all)

Temporarily disable or restrict access to endpoints using class-validator through the validators/ folder.

Implement additional validation layer (applies to: all)

Add custom middleware to validate all request bodies and queries before they reach the vulnerable validators.

🧯 If You Can't Patch

  • Implement Web Application Firewall (WAF) rules to block suspicious input patterns
  • Add additional input validation at the application level outside of Frourio's validator system

🔍 How to Verify

Check if Vulnerable:

Check package.json for a frourio version below 0.26.0 and verify whether class-validator is used through the validators/ folder.

Check Version:

npm list frourio

Verify Fix Applied:

Confirm frourio version is >=0.26.0 and both class-transformer and reflect-metadata are installed
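The version and integration checks above, combined into one script. This is an added example, not part of the advisory or the Frourio project; it assumes the validators/ folder sits directly under the project root, that class-validator is declared in that project's package.json, and that npm is on PATH when a project path is passed.

```shell
#!/bin/sh
# Added example (not from the advisory): decide whether a project is exposed to
# CVE-2022-23623 by comparing the installed frourio version with the fixed
# release and checking for the class-validator integration described above.
# Assumptions: validators/ sits directly under the project root, and
# class-validator is declared in that project's package.json.

FIXED_VERSION="0.26.0"

# version_lt A B: succeed when version A is older than version B.
# Leading "v", "^", "~" are stripped; only the numeric X.Y.Z parts are compared.
version_lt() {
  a=$(printf '%s' "$1" | sed 's/^[v^~]*//')
  b=$(printf '%s' "$2" | sed 's/^[v^~]*//')
  printf '%s\n%s\n' "$a" "$b" | awk -F. '
    NR == 1 { for (i = 1; i <= 3; i++) x[i] = $i + 0; next }
    NR == 2 { for (i = 1; i <= 3; i++) y[i] = $i + 0 }
    END {
      for (i = 1; i <= 3; i++) {
        if (x[i] < y[i]) exit 0
        if (x[i] > y[i]) exit 1
      }
      exit 1   # equal versions are not "less than"
    }'
}

# assess VERSION PROJECT_DIR: print a verdict and succeed only when vulnerable.
assess() {
  ver=$1; dir=$2
  if ! version_lt "$ver" "$FIXED_VERSION"; then
    echo "FIXED: frourio $ver is >= $FIXED_VERSION"
    return 1
  fi
  if [ -d "$dir/validators" ] && grep -q '"class-validator"' "$dir/package.json" 2>/dev/null; then
    echo "VULNERABLE: frourio $ver uses class-validator via validators/ (upgrade to >= $FIXED_VERSION)"
    return 0
  fi
  echo "NOT AFFECTED: frourio $ver is old, but the class-validator integration is not in use"
  return 1
}

# Usage: sh check-frourio.sh /path/to/project   (needs npm on PATH)
if [ -n "$1" ]; then
  ver=$(cd "$1" && npm ls frourio 2>/dev/null | sed -n 's/.*frourio@\([0-9][0-9.]*\).*/\1/p' | head -n 1)
  if [ -z "$ver" ]; then
    echo "frourio not found in $1"; exit 2
  fi
  assess "$ver" "$1"
fi
```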

📡 Detection & Monitoring

Log Indicators:

  • Unusual request patterns bypassing validation, unexpected input in request bodies/queries

Network Indicators:

  • Requests with malformed parameters that should be rejected by validation

SIEM Query:

source="application_logs" AND (message="validation error" OR message="unexpected input") AND NOT (message="validation passed")
