CVE-2022-47717

7.5 HIGH

📋 TL;DR

CVE-2022-47717 is a Cross-Origin Resource Sharing (CORS) misconfiguration in Last Yard version 22.09.8-1. The application returns permissive CORS response headers for origins it does not control, so a malicious website visited by a logged-in user can have the victim's browser issue requests to the application and read the responses cross-origin. Organizations running the affected version risk exposing data that should be reachable only within a user's own session.

💻 Affected Systems

Products:
  • Last Yard
Versions: 22.09.8-1
Operating Systems: All platforms running Last Yard
Default Config Vulnerable: ⚠️ Yes
Notes: The CVE record names 22.09.8-1 specifically; whether other releases ship the same CORS configuration is not stated.

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴

Worst Case

Attackers could read sensitive user data returned by authenticated endpoints and, if state-changing endpoints honour the same permissive policy, perform actions on behalf of authenticated users; chained with other weaknesses this could lead to broader compromise of the application.

🟠

Likely Case

Exfiltration of user data by reading authenticated API responses cross-origin from a malicious website. Because the victim's browser attaches the session cookie automatically, the attacker rides the existing session rather than stealing the credential itself.

🟢

If Mitigated

Limited impact once an exact-match origin allowlist is enforced; residual information disclosure remains possible only if other weaknesses exist.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Exploitation needs no credentials on the attacker's side but requires a logged-in user to visit an attacker-controlled page; the technical complexity is low, since a credentialed cross-origin fetch from that page is all that is needed.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Not stated in the source; upgrade to a release later than 22.09.8-1 and re-test the CORS behaviour afterwards

Reference: https://github.com/l00neyhacker/CVE-2022-47717 (GitHub repository documenting the CVE; no vendor advisory is linked on this page)

Restart Required: Yes

Instructions:

1. Upgrade Last Yard to a version after 22.09.8-1
2. Restart the Last Yard service
3. Re-test with a foreign Origin header and confirm it is no longer echoed in Access-Control-Allow-Origin

🔧 Temporary Workarounds

Configure CORS Headers

Applies to: all platforms

Restrict cross-origin access to an exact-match allowlist of trusted origins.

Configure the web server (nginx/Apache) or the application so that Access-Control-Allow-Origin is emitted only for allowlisted origins, never echoes the request's Origin header verbatim, is never "*" alongside Access-Control-Allow-Credentials: true, and is accompanied by Vary: Origin so caches do not serve one origin's response to another.

Web Application Firewall Rules

Applies to: all platforms

Use the WAF or reverse proxy to strip or rewrite permissive CORS response headers.

Add rules that remove any Access-Control-Allow-Origin value not on the allowlist before the response leaves the proxy, and log requests whose Origin header is foreign. A WAF cannot stop the victim's browser from sending the request; it can only control what the response permits the calling page to read.
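Both workarounds come down to one decision: which Origin values receive an Access-Control-Allow-Origin header in the response. The following is an added example modelling that decision, not code from Last Yard or from the original page; the weak function shows the origin-reflecting behaviour this class of misconfiguration exhibits, the hardened one the exact-match allowlist a proxy rule or the application should implement. The allowlisted origins are assumptions.

```python
"""Origin-reflecting (weak) vs. allowlisted (hardened) CORS response headers.

Added example modelling the two workarounds above; it is not Last Yard's
code. The same decision can live in the application or in a reverse proxy
in front of it. The allowlisted origins below are assumptions.
"""

ALLOWED_ORIGINS = frozenset({          # assumed first-party origins
    "https://app.example.com",
    "https://admin.example.com",
})


def reflecting_cors_headers(origin):
    """The misconfiguration class this CVE belongs to: echo whatever Origin
    the browser sent and allow credentials, so any website can read
    authenticated responses in a visitor's session."""
    if origin is None:
        return {}
    return {
        "Access-Control-Allow-Origin": origin,
        "Access-Control-Allow-Credentials": "true",
    }


def allowlisted_cors_headers(origin, allowed=ALLOWED_ORIGINS):
    """Hardened policy:
    - no Origin header (same-origin page or non-browser client): no CORS headers;
    - 'null' (sandboxed iframes, file://, some redirects) is never allowlisted;
    - anything that is not an exact string match is denied by omitting
      Access-Control-Allow-Origin entirely, which makes the browser block the read;
    - a match echoes exactly that one origin ('*' cannot be combined with
      credentials) plus Vary: Origin so shared caches keep per-origin copies.
    Exact matching, rather than startswith/regex, also defeats lookalikes such
    as 'https://app.example.com.evil.example' and 'https://evilapp.example.com'.
    """
    if origin is None:
        return {}
    if origin == "null" or origin not in allowed:
        return {"Vary": "Origin"}
    return {
        "Access-Control-Allow-Origin": origin,
        "Access-Control-Allow-Credentials": "true",
        "Vary": "Origin",
    }


if __name__ == "__main__":
    for o in ["https://app.example.com", "https://evil.example",
              "https://app.example.com.evil.example", "null", None]:
        print(f"{o!s:40s} weak     = {reflecting_cors_headers(o)}")
        print(f"{'':40s} hardened = {allowlisted_cors_headers(o)}")
```

The hardened variant deliberately returns no Access-Control-Allow-Origin at all for a rejected origin instead of a "deny" value; there is no such value, and a browser treats a missing header as "this origin may not read the response".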

🧯 If You Can't Patch

  • Set session cookies with the SameSite attribute (Lax or Strict) so the browser does not attach them to cross-site requests made from an attacker's page
  • Deploy a reverse proxy that enforces the origin allowlist and strips permissive CORS response headers
  • Isolate the vulnerable system from internet access
  • Monitor for requests carrying unexpected Origin headers (a Content Security Policy on the application does not help here: CSP restricts what the application's own pages may load, not what foreign pages may read from it)

🔍 How to Verify

Check if Vulnerable:

Confirm the installed Last Yard version is 22.09.8-1, then send a request with a foreign Origin header and inspect the response headers, for example: curl -sI -H "Origin: https://evil.example" https://target-url. The installation is affected if the response echoes that origin in Access-Control-Allow-Origin, especially together with Access-Control-Allow-Credentials: true. Repeat with Origin: null. Because -I sends a HEAD request and some endpoints answer HEAD and GET differently, also check a GET: curl -s -D - -o /dev/null -H "Origin: https://evil.example" https://target-url.

Check Version:

Check Last Yard configuration files or admin interface for version information

Verify Fix Applied:

Confirm the version is later than 22.09.8-1 and repeat the Origin test: a fixed installation returns Access-Control-Allow-Origin only for its own trusted origins, or omits the header entirely for a foreign Origin.

📡 Detection & Monitoring

Log Indicators:

  • Requests whose Origin header is outside the set of trusted origins (the Origin header must first be added to the web server's log format; the default nginx/Apache combined format does not record it)
  • Requests carrying Origin: null
  • Preflight (OPTIONS) requests from unexpected origins, bearing in mind that a credentialed GET is a "simple" request that triggers no preflight and appears only as an ordinary GET

Network Indicators:

  • HTTP requests with foreign Origin headers to sensitive, authenticated endpoints
  • Referer headers from unrelated sites on requests that carry a valid session cookie

SIEM Query:

http.headers.origin:* AND NOT http.headers.origin:(<trusted origin 1> OR <trusted origin 2>)

Do not restrict the query to OPTIONS: credentialed GET and form-style POST requests are "simple" requests that trigger no preflight, so the request that actually reads the data shows up as an ordinary GET carrying the Origin header. Origin values of "null" should match as untrusted.
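The same logic can be run directly over web server access logs when no SIEM field for the Origin header exists yet. The following is an added example, not from the original page: it assumes nginx has been configured to log the Origin header (for instance by appending "$http_origin" to the combined log_format; the stock format does not record it), parses a few constructed log lines, and flags every request whose Origin is not on the allowlist, whatever its method. The allowlist and the sample lines are constructed for the example.

```python
"""Flag access-log requests whose Origin header is outside the trusted allowlist.

Added example for the detection section above, not from the original page.
Assumes nginx logs the Origin header, e.g. a log_format of:
  '$remote_addr - $remote_user [$time_local] "$request" $status $body_bytes_sent '
  '"$http_referer" "$http_user_agent" "$http_origin"'
The allowlist and the sample log lines below are constructed.
"""
import re
from collections import Counter

TRUSTED_ORIGINS = {"https://app.example.com"}   # assumption

# combined format plus a trailing quoted "$http_origin" ("-" when absent)
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" '
    r'(?P<status>\d{3}) \S+ "(?P<referer>[^"]*)" "[^"]*" "(?P<origin>[^"]*)"$'
)

# Constructed sample: one legitimate cross-origin call, one same-origin
# navigation, and an attacker page reading two endpoints (one via 'null').
SAMPLE_LOG = """\
203.0.113.7 - alice [10/Jan/2023:12:00:01 +0000] "GET /api/me HTTP/1.1" 200 512 "https://app.example.com/" "Mozilla/5.0" "https://app.example.com"
203.0.113.7 - alice [10/Jan/2023:12:00:02 +0000] "GET /dashboard HTTP/1.1" 200 9210 "-" "Mozilla/5.0" "-"
198.51.100.23 - alice [10/Jan/2023:12:00:03 +0000] "GET /api/me HTTP/1.1" 200 512 "https://evil.example/" "Mozilla/5.0" "https://evil.example"
198.51.100.23 - alice [10/Jan/2023:12:00:04 +0000] "OPTIONS /api/orders HTTP/1.1" 204 0 "-" "Mozilla/5.0" "https://evil.example"
198.51.100.23 - alice [10/Jan/2023:12:00:05 +0000] "GET /api/orders HTTP/1.1" 200 8192 "-" "Mozilla/5.0" "null"
"""


def parse_line(line):
    """Return the log fields as a dict, or None for lines in another format."""
    m = LOG_RE.match(line)
    return m.groupdict() if m else None


def untrusted_origin_requests(log_text, trusted=TRUSTED_ORIGINS):
    """Every parsed request carrying an Origin header outside the allowlist,
    regardless of method: a credentialed GET is a 'simple' request and never
    produces a preflight, so filtering on OPTIONS alone misses the actual
    data read. 'null' is never trusted; '-' means no Origin header was sent."""
    hits = []
    for line in log_text.splitlines():
        rec = parse_line(line)
        if rec is None or rec["origin"] in ("-", ""):
            continue        # same-origin navigation or non-browser client
        if rec["origin"] not in trusted:   # exact match only
            hits.append(rec)
    return hits


def summarize(hits):
    """Count (origin, path) pairs so one attacker page reading many
    endpoints stands out from isolated noise."""
    return Counter((h["origin"], h["path"]) for h in hits)


if __name__ == "__main__":
    found = untrusted_origin_requests(SAMPLE_LOG)
    for (origin, path), n in summarize(found).most_common():
        print(f"{n:3d}  {origin:28s} {path}")
```

Exact-match comparison against the allowlist is deliberate: the same substring and prefix tricks that defeat a sloppy server-side allowlist would also hide from a detection rule written with contains() or startswith().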
