Exploit for Improper Authentication in Shinken-Monitoring Shinken Monitoring CVE-2022-37298

Name: Exploit for Improper Authentication in Shinken-Monitoring Shinken Monitoring CVE-2022-37298
Rating: 5 (210 reviews)

2022-10-13 | CVSS 7.5

## https://sploitus.com/exploit?id=2ACDC990-52B7-5958-857B-A840D33A2BE2
# CVE-2022-37298: RCE in Shinken Monitoring 

**Versions affected:** 2.4.3  
**Disclosure link:** https://github.com/naparuba/shinken/commit/2dae40fd1e713aec9e1966a0ab7a580b9180cff2  
**CVE link:** https://vulners.com/cve/CVE-2022-37298  
  
## Description

The SafeUnpickler class found in shinken/safepickle.py implements a weak authentication scheme (actually no authentication at all) when unserializing objects passed from legitimate monitoring nodes to the Shinken server. A remote attacker can craft and send a pickle object instantiating an internal, implicitly trusted Shinken object; some of which can be leveraged to execute arbitrary code on the monitoring server itself.

### Usage
`python CVE-2022-37298.py` 

![poc](https://user-images.githubusercontent.com/12803470/199597211-e142b785-d457-4d06-8a26-3603ab014b09.gif)