Lucene search
+L

191 matches found

GithubExploit
GithubExploit
added 2022/03/04 7:24 a.m.488 views

Exploit for Code Injection in Vmware Spring_Cloud_Gateway

-cve-2022-22947- cve-2022-22947 Spring Cloud Gateway Batc...

10CVSS7.1AI score0.98253EPSS
Exploits54
GithubExploit
GithubExploit
added 2022/03/04 6:38 a.m.86 views

Exploit for Code Injection in Vmware Spring_Cloud_Gateway

Spring Cloud Gateway Remote Code Execution Vulnerability...

10CVSS7.2AI score0.98253EPSS
Exploits54
GithubExploit
GithubExploit
added 2022/03/04 2:36 a.m.353 views

Exploit for Code Injection in Vmware Spring_Cloud_Gateway

Spring-Cloud-Gateway CVE-2022-22947 Spring Cloud Gatewa...

10CVSS7.7AI score0.98253EPSS
Exploits54
GithubExploit
GithubExploit
added 2022/03/04 2:36 a.m.344 views

Exploit for Code Injection in Vmware Spring_Cloud_Gateway

Spring-Cloud-Gateway CVE-2022-22947 Spring Cloud Gatewa...

10CVSS7.7AI score0.98253EPSS
Exploits54
Github Security Blog
Github Security Blog
added 2022/03/04 12:0 a.m.91 views

Spring Cloud Gateway vulnerable to Code Injection when Gateway Actuator endpoint enabled, exposed, unsecured

In Spring Cloud Gateway versions prior to 3.1.1+ and 3.0.7+ , applications are vulnerable to a code injection attack when the Gateway Actuator endpoint is enabled, exposed, and unsecured. A remote attacker could make a maliciously crafted request resulting in arbitrary remote execution on the...

10CVSS4.5AI score0.98253EPSS
Exploits54References7Affected Software1
OSV
OSV
added 2022/03/04 12:0 a.m.143 views

GHSA-3GX9-37WW-9QW6 Spring Cloud Gateway vulnerable to Code Injection when Gateway Actuator endpoint enabled, exposed, unsecured

In Spring Cloud Gateway versions prior to 3.1.1+ and 3.0.7+ , applications are vulnerable to a code injection attack when the Gateway Actuator endpoint is enabled, exposed, and unsecured. A remote attacker could make a maliciously crafted request resulting in arbitrary remote execution on the...

10CVSS9.8AI score0.98253EPSS
Exploits54References6
GithubExploit
GithubExploit
added 2022/03/03 6:26 p.m.2 views

Exploit for Expression Language Injection in Vmware Spring_Cloud_Gateway

Spring Cloud Gateway...

10CVSS7AI score0.98253EPSS
Exploits54
GithubExploit
GithubExploit
added 2022/03/03 6:26 p.m.439 views

Exploit for Code Injection in Vmware Spring_Cloud_Gateway

Spring Cloud Gateway...

10CVSS9.1AI score0.98253EPSS
Exploits54
GithubExploit
GithubExploit
added 2022/03/03 1:13 p.m.403 views

Exploit for Code Injection in Vmware Spring_Cloud_Gateway

CVE-2022-22947RceExp Spring Cloud Gateway 远程代码执行漏洞Exp Spring...

10CVSS9.7AI score0.98253EPSS
Exploits54
GithubExploit
GithubExploit
added 2022/03/03 9:30 a.m.189 views

Exploit for Code Injection in Vmware Spring_Cloud_Gateway

cve-2022-22947 p...

10CVSS9.7AI score0.98253EPSS
Exploits54
Cvelist
Cvelist
added 2022/03/03 12:0 a.m.33 views

CVE-2022-22947

In spring cloud gateway versions prior to 3.1.1+ and 3.0.7+ , applications are vulnerable to a code injection attack when the Gateway Actuator endpoint is enabled, exposed and unsecured. A remote attacker could make a maliciously crafted request that could allow arbitrary remote execution on the...

9.7AI score0.98253EPSS
Exploits54References5
Vulnrichment
Vulnrichment
added 2022/03/03 12:0 a.m.15 views

CVE-2022-22947

In spring cloud gateway versions prior to 3.1.1+ and 3.0.7+ , applications are vulnerable to a code injection attack when the Gateway Actuator endpoint is enabled, exposed and unsecured. A remote attacker could make a maliciously crafted request that could allow arbitrary remote execution on the...

9.7AI score0.98253EPSS
Exploits54References5
ATTACKERKB
ATTACKERKB
added 2022/03/03 12:0 a.m.55 views

CVE-2022-22947

In spring cloud gateway versions prior to 3.1.1+ and 3.0.7+ , applications are vulnerable to a code injection attack when the Gateway Actuator endpoint is enabled, exposed and unsecured. A remote attacker could make a maliciously crafted request that could allow arbitrary remote execution on the...

10CVSS9.9AI score0.98253EPSS
In wildExploits54References6
OSV
OSV
added 2022/03/03 12:0 a.m.26 views

CVE-2022-22947

In spring cloud gateway versions prior to 3.1.1+ and 3.0.7+ , applications are vulnerable to a code injection attack when the Gateway Actuator endpoint is enabled, exposed and unsecured. A remote attacker could make a maliciously crafted request that could allow arbitrary remote execution on the...

10CVSS9.7AI score0.98253EPSS
Exploits54References8
CNVD
CNVD
added 2022/03/03 12:0 a.m.38 views

Spring Cloud Gateway Remote Code Execution Vulnerability

Spring Cloud GateWay is a library provided for building API gateways on top of Spring WebFlux.A remote code execution vulnerability exists in Spring Cloud Gateway, which occurs in the Actuator endpoint of the Spring Cloud Gateway application, which is enabled, public and insecure, is vulnerable t...

10CVSS2.9AI score0.98253EPSS
Exploits54References1
CVE
CVE
added 2022/03/03 12:0 a.m.2164 views

CVE-2022-22947

CVE-2022-22947 affects Spring Cloud Gateway when the Gateway Actuator endpoint is enabled, exposed, and unsecured. A remote attacker can craft a request to the Actuator interface and cause arbitrary remote code execution on the host due to a code-injection vulnerability in the gateway routing/Act...

10CVSS9.7AI score0.98253EPSS
In wildExploits54References6Affected Software1
CNNVD
CNNVD
added 2022/03/03 12:0 a.m.4 views

VMware Spring Cloud Gateway 代码注入漏洞

Spring Cloud GateWay is a library provided for building API gateways on top of Spring WebFlux.A remote code execution vulnerability exists in Spring Cloud Gateway, which occurs in the Actuator endpoint of the Spring Cloud Gateway application, which is enabled, public and insecure, is vulnerable t...

10CVSS9.2AI score0.98253EPSS
Exploits54References16
Veracode
Veracode
added 2022/03/02 9:29 a.m.38 views

Insecure HTTP2 TrustManager

spring-cloud-gateway-server uses an insecure HTTP2 TrustManager. Application with default configuration and no key store or trusted certificates uses an insecure trustmanager factory option when HTTP2 is enabled, allowing the gateway connections to remote services with invalid or custom...

5.5CVSS2.7AI score0.04846EPSS
Exploits0References3Affected Software1
Positive Technologies
Positive Technologies
added 2022/03/01 12:0 a.m.7 views

PT-2022-2172 · Spring · Spring Cloud Gateway

Name of the Vulnerable Software and Affected Versions: Spring Cloud Gateway versions prior to 3.1.1+ Description: The issue is related to the implementation of the TrustManager technology for authentication in the Spring Cloud Gateway library, which is used for creating API gateways. It is...

5.5CVSS6.4AI score0.04846EPSS
Exploits0References8
Spring Security Advisories
Spring Security Advisories
added 2022/03/01 12:0 a.m.5 views

Spring Cloud Gateway Code Injection Vulnerability

Applications using Spring Cloud Gateway are vulnerable to a code injection attack when the Gateway Actuator endpoint is enabled, exposed and unsecured. A remote attacker could make a maliciously crafted request that could allow arbitrary remote execution on the remote host...

10CVSS7.8AI score0.98253EPSS
Exploits54References1
Rows per page
Query Builder