Authentication Bypass in General Bytes Crypto Application Server
CVE-2022-4980
Key Information:
- Vendor: General Bytes
- CVE Published: 19 September 2025
What is CVE-2022-4980?
The General Bytes Crypto Application Server (CAS), from version 20201208 up to but not including 20220531.38 (backport branch) and 20220725.22 (mainline), contains an authentication bypass in its admin web interface. The URL used for the initial installation and first-admin creation remains reachable without authentication, so a remote, unauthenticated attacker can request it and create a new administrative account. With that account the attacker controls the server, for example by changing the ATM configuration and redirecting funds. Reports indicate active exploitation against both cloud-hosted and standalone CAS deployments, in particular instances exposed on ports 7777 and 443. General Bytes publicly acknowledged the issue in September 2022; operators of affected versions should upgrade to a fixed release and review the admin user list for accounts they did not create.
Affected Version(s)
Crypto Application Server (CAS), Linux: from 20201208, before 20220725.22 (mainline)
Crypto Application Server (CAS), Linux: from 20201208, before 20220531.38 (backport)
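Turning the version ranges above into a check, as an added example that is not General Bytes' or this database's own code: the script classifies CAS version strings in the YYYYMMDD.build form the page uses, treating the 20220531 date prefix as the backport branch (fixed at build 38) and every other build from 20201208 onward as mainline (fixed at 20220725.22). That branch split, and treating a version without a build suffix as build 0, are assumptions drawn from the version numbers on the page; the hostnames and versions in the inventory are constructed sample data.

```python
"""Affected-version check for CVE-2022-4980 (General Bytes CAS).

Added example, not vendor code. Version strings are expected in the
YYYYMMDD or YYYYMMDD.build form seen on the advisory page. Assumptions:
  - the 20220531 date prefix denotes the backport branch, fixed at build 38;
  - every other build from 20201208 onward is mainline, fixed at 20220725.22;
  - a version with no build suffix is treated as build 0.
"""
import re
from typing import Dict, List, Optional, Tuple

Version = Tuple[int, int]  # (release date as YYYYMMDD, build number)

VERSION_RE = re.compile(r"^(\d{8})(?:\.(\d+))?$")

FIRST_AFFECTED: Version = (20201208, 0)
BACKPORT_DATE = 20220531
BACKPORT_FIX: Version = (20220531, 38)
MAINLINE_FIX: Version = (20220725, 22)


def parse_version(version: str) -> Version:
    """Parse 'YYYYMMDD' or 'YYYYMMDD.N' into a comparable (date, build) tuple.

    Rejects anything else so that a banner such as 'unknown' or '2.1' never
    silently compares as 'not affected'.
    """
    match = VERSION_RE.match(version.strip())
    if not match:
        raise ValueError(f"unrecognised CAS version string: {version!r}")
    return int(match.group(1)), int(match.group(2) or 0)


def fix_for(version: Version) -> Version:
    """Minimum fixed release on the branch that `version` belongs to."""
    return BACKPORT_FIX if version[0] == BACKPORT_DATE else MAINLINE_FIX


def is_affected(version: str) -> bool:
    """True if the version falls inside the vulnerable range for its branch."""
    v = parse_version(version)
    if v < FIRST_AFFECTED:
        return False          # predates the vulnerable code
    return v < fix_for(v)     # tuple comparison: date first, then build


def fixed_version_for(version: str) -> Optional[str]:
    """Return the release to upgrade to, or None if already fixed or unaffected."""
    if not is_affected(version):
        return None
    date, build = fix_for(parse_version(version))
    return f"{date}.{build}"


def triage(inventory: Dict[str, str]) -> Dict[str, List[str]]:
    """Split a host -> version inventory into affected / not_affected / unparseable."""
    result: Dict[str, List[str]] = {"affected": [], "not_affected": [], "unparseable": []}
    for host, version in sorted(inventory.items()):
        try:
            bucket = "affected" if is_affected(version) else "not_affected"
        except ValueError:
            bucket = "unparseable"   # surface it rather than hide it as 'fixed'
        result[bucket].append(host)
    return result


# Constructed sample inventory (hostnames and versions are illustrative).
SAMPLE_INVENTORY = {
    "cas-eu-1": "20220725.21",   # mainline, one build before the fix
    "cas-eu-2": "20220725.22",   # mainline, fixed
    "cas-us-1": "20220531.37",   # backport branch, one build before the fix
    "cas-us-2": "20220531.40",   # backport branch, fixed
    "cas-lab":  "20201207.9",    # predates the vulnerable code
    "cas-ap-1": "20220601.5",    # mainline build dated between the two branches: affected
    "cas-x":    "unknown",       # banner did not expose a version
}

if __name__ == "__main__":
    buckets = triage(SAMPLE_INVENTORY)
    for bucket, hosts in buckets.items():
        print(f"{bucket}: {', '.join(hosts) or '-'}")
    for host in buckets["affected"]:
        print(f"  {host}: upgrade to {fixed_version_for(SAMPLE_INVENTORY[host])}")
```

The unparseable bucket is deliberate: a scanner that maps a missing or malformed version banner to "not affected" will quietly skip exactly the hosts that most need a manual look.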
Exploit Proof of Concept (PoC)
PoC code is written by security researchers to demonstrate that the vulnerability can be exploited. PoC code is also a key component of weaponization, which can lead to ransomware deployment.
Timeline
- Public PoC available
- Exploit known to exist
- Vulnerability published
- Vulnerability reserved