Skip to main content

CVE-2022-46997: n/a in n/a

Critical
VulnerabilityCVE-2022-46997cvecve-2022-46997n-acwe-912
Published: Wed Dec 14 2022 (12/14/2022, 00:00:00 UTC)
Source: CVE
Vendor/Project: n/a
Product: n/a

Description

Passhunt commit 54eb987d30ead2b8ebbf1f0b880aa14249323867 was discovered to contain a code execution backdoor via the request package. This vulnerability allows attackers to access sensitive user information and digital currency keys, as well as escalate privileges.

AI-Powered Analysis

AILast updated: 06/20/2025, 12:33:10 UTC

Technical Analysis

CVE-2022-46997 is a critical security vulnerability identified in the Passhunt project, specifically introduced in commit 54eb987d30ead2b8ebbf1f0b880aa14249323867. The vulnerability manifests as a code execution backdoor embedded via the 'request' package, which is a widely used HTTP client library in many JavaScript and Node.js applications. This backdoor allows an attacker to execute arbitrary code remotely without requiring any authentication or user interaction. The exploitation of this vulnerability can lead to unauthorized access to sensitive user information, including digital currency keys, and enables privilege escalation within the affected environment. The CVSS v3.1 base score of 9.8 reflects the high severity, with attack vector being network-based, no privileges or user interaction required, and full impact on confidentiality, integrity, and availability. The vulnerability is classified under CWE-912 (Hidden Functionality), indicating that malicious code was intentionally or unintentionally embedded in the software, bypassing normal security controls. Although the specific vendor, product, and affected versions are not disclosed, the involvement of the 'request' package suggests a broad potential impact given its extensive usage in various software projects. No patches or fixes have been linked yet, and there are no known exploits in the wild at the time of publication. The vulnerability was reserved and published in December 2022, with enrichment from CISA, highlighting its recognized criticality in the cybersecurity community.

Potential Impact

For European organizations, the impact of CVE-2022-46997 can be severe due to the potential for remote code execution without authentication or user interaction. Organizations relying on software that includes the compromised 'request' package or the Passhunt project may face unauthorized data exfiltration, particularly of sensitive user credentials and digital currency keys, which could lead to financial losses and reputational damage. The ability to escalate privileges further exacerbates the risk, potentially allowing attackers to gain persistent access and control over critical systems. This could disrupt business operations, compromise customer data privacy in accordance with GDPR, and lead to regulatory penalties. Sectors such as financial services, cryptocurrency exchanges, fintech startups, and any enterprise using Node.js-based applications are particularly at risk. The lack of available patches increases the window of exposure, and the critical severity score demands immediate attention. Additionally, the vulnerability could be leveraged in supply chain attacks, given the widespread use of the 'request' package in open-source projects, potentially impacting a broad range of European industries.

Mitigation Recommendations

1. Conduct an immediate audit of all software dependencies to identify usage of the 'request' package and the Passhunt project, including transitive dependencies in Node.js applications. 2. Isolate and remove or replace the compromised 'request' package with a trusted alternative such as 'axios' or 'node-fetch' that is verified to be free of backdoors. 3. Implement strict code review and supply chain security practices, including verifying the integrity and provenance of third-party libraries before integration. 4. Monitor network traffic and system logs for unusual outbound connections or execution patterns that could indicate exploitation attempts. 5. Employ runtime application self-protection (RASP) and endpoint detection and response (EDR) tools to detect and block unauthorized code execution. 6. Restrict privileges of application processes to the minimum necessary to limit the impact of potential exploitation. 7. Engage with software vendors and open-source communities to track the release of official patches or advisories related to this vulnerability. 8. Educate development and security teams about the risks of hidden functionality and the importance of dependency management. 9. For organizations handling digital currencies, implement additional layers of key management security, including hardware security modules (HSMs) and multi-factor authentication for key access.

Need more detailed analysis?Get Pro

Technical Details

Data Version
5.1
Assigner Short Name
mitre
Date Reserved
2022-12-12T00:00:00.000Z
Cisa Enriched
true

Threat ID: 682d984ac4522896dcbf79c0

Added to database: 5/21/2025, 9:09:30 AM

Last enriched: 6/20/2025, 12:33:10 PM

Last updated: 8/9/2025, 4:33:26 PM

Views: 13

Actions

PRO

Updates to AI analysis are available only with a Pro account. Contact root@offseq.com for access.

Please log in to the Console to use AI analysis features.

Need enhanced features?

Contact root@offseq.com for Pro access with improved analysis and higher rate limits.

Latest Threats