Cyber Posture

CVE-2022-50898

High · Public PoC

Published: 13 January 2026

Modified: 29 January 2026
KEV Added
Patch
CVSS Score 8.8 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS Score 0.0037 59.2th percentile
Risk Priority 18 60% EPSS · 20% KEV · 20% CVSS

Description

NanoCMS 0.4 contains an authenticated file upload vulnerability that allows remote code execution through unvalidated page content creation. Authenticated attackers can upload PHP files with arbitrary code to the server's pages directory by exploiting the page creation mechanism without proper input sanitization.

Mitigating Controls (NIST 800-53 r5) · AI

prevent

Directly requires input validation and sanitization at page creation interfaces to block unvalidated uploads of malicious PHP files.

prevent

Mandates identification, reporting, and correction of the unrestricted file upload flaw in NanoCMS 0.4 to eliminate the RCE vulnerability.

prevent

Enforces restrictions on file types and content during authenticated page creation to prevent upload of dangerous PHP code to the pages directory.

Security Summary · AI

CVE-2022-50898 is an authenticated file upload vulnerability in NanoCMS version 0.4 that enables remote code execution. The issue stems from unvalidated page content creation, where the page creation mechanism lacks proper input sanitization, allowing attackers to upload PHP files containing arbitrary code directly to the server's pages directory. This flaw is classified under CWE-434 (Unrestricted Upload of File with Dangerous Type) and carries a CVSS v3.1 base score of 8.8 (AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H).

Authenticated attackers with low privileges can exploit this vulnerability remotely over the network with low complexity and no user interaction. By leveraging the flawed page creation process, they can upload and execute malicious PHP code on the server, achieving full remote code execution and potentially compromising the entire system through high impacts on confidentiality, integrity, and availability.

Reference advisories and resources, including Exploit-DB entry 50997, a VulnCheck advisory on authenticated RCE in NanoCMS, and GitHub exploit archives, document the vulnerability with proof-of-concept exploits but do not specify patches or mitigations in the provided details. The NanoCMS GitHub repository is also referenced, indicating the affected open-source component.

Details

CWE(s)

Affected Products

kalyan02
nanocms
0.4

MITRE ATT&CK Enterprise Techniques · AI

T1190 Exploit Public-Facing Application (Initial Access)
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.
T1505.003 Web Shell (Persistence)
Adversaries may backdoor web servers with web shells to establish persistent access to systems.
Why these techniques?

The vulnerability allows authenticated attackers to exploit a public-facing web application (NanoCMS) via unrestricted file upload of malicious PHP files, enabling remote code execution equivalent to deploying a web shell.

Confidence: HIGH · MITRE ATT&CK Enterprise v19.0

References