Lucene search
K

46 matches found

Nuclei
Nuclei
added 2026/06/16 7:13 a.m.103 views

Spring Cloud Gateway Code Injection

Applications using Spring Cloud Gateway prior to 3.1.1+ and 3.0.7+ are vulnerable to a code injection attack when the Gateway Actuator endpoint is enabled, exposed and unsecured. A remote attacker could make a maliciously crafted request that could allow arbitrary remote execution on the remote...

10CVSS8.4AI score0.98253EPSS
Exploits54References5
RedhatCVE
RedhatCVE
added 2025/05/22 11:51 p.m.12 views

CVE-2022-22947

In spring cloud gateway versions prior to 3.1.1+ and 3.0.7+ , applications are vulnerable to a code injection attack when the Gateway Actuator endpoint is enabled, exposed and unsecured. A remote attacker could make a maliciously crafted request that could allow arbitrary remote execution on the...

10CVSS9.7AI score0.98253EPSS
Exploits54References1
GithubExploit
GithubExploit
added 2024/06/19 3:31 p.m.526 views

Exploit for Code Injection in Vmware Spring_Cloud_Gateway

CVE-2022-22947 A code injection attack on spring cloud gate...

10CVSS9.5AI score0.98253EPSS
Exploits54
Tenable Nessus
Tenable Nessus
added 2023/05/26 12:0 a.m.146 views

Spring Cloud Gateway Code Injection (CVE-2022-22947)

Binary data springcloudgatewaycve-2022-22947direct.nbin...

10CVSS10AI score0.98253EPSS
Exploits54References2
GithubExploit
GithubExploit
added 2023/02/07 1:59 a.m.21 views

Exploit for Expression Language Injection in Vmware Spring_Cloud_Gateway

Introduction Through CVE-2022-22947, an attack is attempte...

10CVSS7.2AI score0.98253EPSS
Exploits54
GithubExploit
GithubExploit
added 2022/11/15 9:11 a.m.440 views

Exploit for Code Injection in Vmware Spring_Cloud_Gateway

CVE-2022-22947 Usage: python3 CVE-2022-22947.py url...

10CVSS9.7AI score0.98253EPSS
Exploits54
GithubExploit
GithubExploit
added 2022/10/29 3:28 a.m.486 views

Exploit for Code Injection in Vmware Spring_Cloud_Gateway

SpringAllReachable A graphical tool for rapid exploitati...

10CVSS7.9AI score0.99939EPSS
Exploits86
0day.today
0day.today
added 2022/10/17 12:0 a.m.405 views

Spring Cloud Gateway 3.1.0 Remote Code Execution Exploit

This Metasploit module exploits an unauthenticated remote code execution vulnerability in Spring Cloud Gateway versions 3.0.0 through 3.0.6 and 3.1.0. The vulnerability can be exploited when the Gateway Actuator endpoint is enabled, exposed and unsecured. An unauthenticated attacker can use SpEL...

10CVSS10AI score0.98253EPSS
Exploits54
Packet Storm
Packet Storm
added 2022/10/17 12:0 a.m.331 views

Spring Cloud Gateway 3.1.0 Remote Code Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Spring Cloud Gateway Remote Code Execution', 'Description' = %q This module exploits an unauthenticated remote code execution vulnerability in...

10CVSS0.2AI score0.98253EPSS
Exploits54
GithubExploit
GithubExploit
added 2022/08/23 6:38 a.m.258 views

Exploit for Code Injection in Vmware Spring_Cloud_Gateway

It is an exploit module/toolkit targeting Apache Log4j. The targ...

10CVSS9.2AI score0.98253EPSS
Exploits54
Tenable Nessus
Tenable Nessus
added 2022/07/29 12:0 a.m.52 views

VMware Spring Cloud Gateway 3.0 < 3.0.7 / 3.1 < 3.1.1 Code Injection

The version of Spring Cloud Gateway running on the remote host is affected by a code injection vulnerability. Applications are vulnerable to a code injection attack when the Gateway Actuator endpoint is enabled, exposed and unsecured. A remote attacker could make a maliciously crafted request tha...

10CVSS8.6AI score0.98253EPSS
Exploits54References2
ThreatPost
ThreatPost
added 2022/05/31 12:24 p.m.120 views

EnemyBot Malware Targets Web Servers, CMS Tools and Android OS

A rapidly evolving IoT malware dubbed “EnemyBot” is targeting content management systems CMS, web servers and Android devices. Threat actor group “Keksec” is believed behind the distribution of the malware, according to researchers. “Services such as VMware Workspace ONE, Adobe ColdFusion,...

10CVSS10AI score0.99999EPSS
Exploits476References16
GithubExploit
GithubExploit
added 2022/05/29 1:7 a.m.309 views

Exploit for Code Injection in Vmware Spring_Cloud_Gateway

CVE-2022-22947-exp Reproduced the...

10CVSS7.1AI score0.98253EPSS
Exploits54
GithubExploit
GithubExploit
added 2022/05/29 1:7 a.m.493 views

Exploit for Code Injection in Vmware Spring_Cloud_Gateway

CVE-2022-22947-exp Reproduced the...

10CVSS7.1AI score0.98253EPSS
Exploits54
GithubExploit
GithubExploit
added 2022/05/19 2:58 p.m.378 views

Exploit for Code Injection in Vmware Spring_Cloud_Gateway

PoC exploit for CVE-2022-22947, an arbitrary file upload vulnera...

10CVSS9.5AI score0.98253EPSS
Exploits54
The Hacker News
The Hacker News
added 2022/05/17 9:37 a.m.155 views

New Sysrv Botnet Variant Hijacking Windows and Linux with Crypto Miners

Microsoft is warning of a new variant of the Sysrv botnet that's exploiting multiple security flaws in web applications and databases to install coin miners on both Windows and Linux systems. The tech giant, which has called the new version Sysrv-K, is said to weaponize an array of exploits to ga...

10CVSS10AI score0.98253EPSS
Exploits54
The Hacker News
The Hacker News
added 2022/05/17 3:17 a.m.444 views

Watch Out! Hackers Begin Exploiting Recent Zyxel Firewalls RCE Vulnerability

--- Image source: z3r00t The U.S. Cybersecurity and Infrastructure Security Agency on Monday added two security flaws, including the recently disclosed remote code execution bug affecting Zyxel firewalls, to its Known Exploited Vulnerabilities Catalog, citing evidence of active exploitation...

10CVSS2.9AI score0.99938EPSS
Exploits81
GithubExploit
GithubExploit
added 2022/05/16 3:27 p.m.555 views

Exploit for Code Injection in Vmware Spring_Cloud_Gateway

CVE-2022-22947 Spring Cloud Gateway Actuator API SpEL expres...

10CVSS7.3AI score0.98253EPSS
Exploits54
GithubExploit
GithubExploit
added 2022/04/06 9:40 a.m.299 views

Exploit for Code Injection in Vmware Spring_Cloud_Gateway

SpringCloud-Gateway Command Execution Vulnerability CVE-2022...

10CVSS7.3AI score0.98253EPSS
Exploits54
GithubExploit
GithubExploit
added 2022/04/06 9:40 a.m.7 views

Exploit for Expression Language Injection in Vmware Spring_Cloud_Gateway

SpringCloud-Gateway Command Execution Vulnerability CVE-2022...

10CVSS7.3AI score0.98253EPSS
Exploits54
Rows per page
Query Builder