CVE-2022-29351

9.8 CRITICAL

📋 TL;DR

CVE-2022-29351 is an arbitrary file upload vulnerability in TiddlyWiki5 v5.2.2 that allows attackers to upload malicious SVG files containing JavaScript code. When processed, this can lead to remote code execution on the server. All users running TiddlyWiki5 v5.2.2 with file upload functionality enabled are affected.

💻 Affected Systems

Products:
  • TiddlyWiki5
Versions: v5.2.2
Operating Systems: All
Default Config Vulnerable: ⚠️ Yes
Notes: Only affects installations with file upload functionality enabled. The vendor disputes that this is a legitimate vulnerability.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Complete server compromise allowing attackers to execute arbitrary commands, access sensitive data, install malware, or pivot to other systems.

🟠 Likely Case

Server-side code execution leading to data theft, website defacement, or cryptocurrency mining malware installation.

🟢 If Mitigated

Limited impact with proper file upload restrictions, but potential for limited data exposure if other vulnerabilities exist.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Proof of concept available on GitHub and YouTube demonstrating SVG file upload leading to code execution.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: None

Vendor Advisory: None

Restart Required: No

Instructions:

No official patch is available because the vendor disputes the vulnerability. Consider upgrading to the latest version and implementing the workarounds below.

🔧 Temporary Workarounds

  • Disable file upload functionality (applies to: all)
    Remove or disable the file upload module in the TiddlyWiki5 configuration. Edit the configuration to remove file upload capabilities.
  • Implement strict file upload validation (applies to: all)
    Add server-side validation to reject SVG files or sanitize uploaded content. Implement file type validation and content scanning.
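As an added defensive example (not TiddlyWiki's own code), the following Python validator implements the server-side check described above: it rejects an uploaded SVG that carries script elements, event-handler attributes, javascript: URLs or an inline DTD. The sample uploads at the bottom are constructed for illustration.

```python
import re
import xml.etree.ElementTree as ET

# Elements that run or embed active content inside an SVG document.
ACTIVE_ELEMENTS = {"script", "foreignobject", "iframe", "embed", "object"}
EVENT_ATTR = re.compile(r"^on[a-z]+$", re.I)
JS_URL = re.compile(r"^\s*javascript:", re.I)

def local_name(qualified):
    """Strip the '{namespace}' prefix ElementTree puts on tags and attributes."""
    return qualified.rsplit("}", 1)[-1].lower()

def find_active_content(svg_bytes):
    """Return the reasons an uploaded SVG should be rejected; [] means clean."""
    # Refuse inline DTDs outright: entity tricks are never needed in an image.
    if re.search(rb"<!(DOCTYPE|ENTITY)", svg_bytes, re.I):
        return ["inline DTD or entity declaration"]
    try:
        root = ET.fromstring(svg_bytes)
    except ET.ParseError as exc:
        return [f"not well-formed XML: {exc}"]
    reasons = []
    if local_name(root.tag) != "svg":
        reasons.append(f"root element <{local_name(root.tag)}> is not <svg>")
    for el in root.iter():
        name = local_name(el.tag)
        if name in ACTIVE_ELEMENTS:
            reasons.append(f"active element <{name}>")
        for attr, value in el.attrib.items():
            aname = local_name(attr)
            if EVENT_ATTR.match(aname):
                reasons.append(f"event handler {aname} on <{name}>")
            elif aname in ("href", "src") and JS_URL.match(value):
                reasons.append(f"javascript: URL in {aname} on <{name}>")
    return reasons

def is_safe_svg_upload(svg_bytes, max_bytes=1_000_000):
    """Accept the upload only if it is within the size limit and has no active content."""
    return len(svg_bytes) <= max_bytes and not find_active_content(svg_bytes)

# Constructed sample uploads (illustrative only, not taken from any PoC).
CLEAN_SVG = b'<svg xmlns="http://www.w3.org/2000/svg"><circle r="4"/></svg>'
SCRIPT_SVG = (b'<svg xmlns="http://www.w3.org/2000/svg" onload="x()">'
              b'<script>x()</script></svg>')
LINK_SVG = (b'<svg xmlns="http://www.w3.org/2000/svg">'
            b'<a href="javascript:x()"><text>hi</text></a></svg>')

if __name__ == "__main__":
    for label, data in (("clean", CLEAN_SVG), ("script", SCRIPT_SVG), ("link", LINK_SVG)):
        print(label, "accepted" if is_safe_svg_upload(data) else find_active_content(data))
```

The check is a reject list, so pair it with an allow list of accepted upload types where the deployment permits it; a clean result means "no known active content", not a guarantee that the file is harmless.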

🧯 If You Can't Patch

  • Implement web application firewall (WAF) rules to block malicious file uploads
  • Restrict network access to TiddlyWiki5 instance and implement network segmentation

🔍 How to Verify

Check if Vulnerable:

Confirm that the instance runs TiddlyWiki5 v5.2.2 with file upload enabled. Test by attempting to upload a crafted SVG file in a controlled environment and confirming whether it is accepted.

Check Version:

Check TiddlyWiki5 version in configuration or interface

Verify Fix Applied:

Verify file upload restrictions are in place and test with malicious SVG files to ensure they are rejected.

📡 Detection & Monitoring

Log Indicators:

  • Unusual file uploads, especially SVG files with JavaScript content
  • Server error logs showing file processing failures

Network Indicators:

  • HTTP POST requests with SVG file uploads to TiddlyWiki5 endpoints

SIEM Query:

source="web_server" AND (method="POST" AND uri="/upload" AND file_extension="svg")
