CVE-2022-22947

Description from NVD

In spring cloud gateway versions prior to 3.1.1+ and 3.0.7+ , applications are vulnerable to a code injection attack when the Gateway Actuator endpoint is enabled, exposed and unsecured. A remote attacker could make a maliciously crafted request that could allow arbitrary remote execution on the remote host.

Information Acquisition Date:2022-03-07T04:48Z
CVSS 2.0: 0.0 None CVSS 3.x: 0.0 None

NVD References

 https://tanzu.vmware.com/security/cve-2022-22947
     source:MISC
     tags:

Refer to Information on External Sites

CVE InfomationExploits or more Infomation
mitreEXPLOIT DATABASE
NVD0day.today
vulmon.comgithub
CVE DetailsTwitter
JVN ENG JPN
Reconshell

Software Tag:



List of frequently cited URLs

URLNum of Times Referred to
https://cvetrends.com55
https://github.com/vulhub/vulhub/tree/master/spring/CVE-202...28
https://lists.astaro.com/ASGV9-IPS-rules.html#019
https://www.vulnmachines.com11
http://t.me/gobies6
https://wya.pl/2022/02/26/cve-2022-22947-spel-casting-and-e...4
https://cybersecurity.att.com/blogs/labs-research/rapidly-e...4
https://twitter.com/jas502n/status/15014699975244718093
https://www.cisa.gov/uscert/ncas/current-activity/2022/05/1...3
https://tanzu.vmware.com/security/cve-2022-229473
https://ipssignatures.appspot.com/?cve=CVE-2022-229473

Information from Twitter

User URL Info Source Date
wdahlenb https://wya.pl/2022/02/26/cve-2022-22947-spel-casting-and-e... Source wdahlenb         1615105598613520388 2023/01/17
wdahlenb https://twitter.com/PortSwiggerRes/status/1614990050994933760 Source wdahlenb         1615105598613520388 2023/01/17

List of frequently cited URLs

URLNum of Times Referred to
cvetrends.com55
github.com28
lists.astaro.com19
www.vulnmachines.com11
t.me6
wya.pl4
cybersecurity.att.com4
twitter.com3
www.cisa.gov3
tanzu.vmware.com3
ipssignatures.appspot.com3

Information from Twitter

User URL Info Source
wdahlenb wya.pl Show Tweet
wdahlenb twitter.com Show Tweet

GitHub Search Results: Up to 10
NameURL
lucksec/Spring-Cloud-Gateway-CVE-2022-22947 https://github.com/lucksec/Spring-Cloud-Gateway-CVE-2022-22947
Axx8/CVE-2022-22947_Rce_Exp https://github.com/Axx8/CVE-2022-22947_Rce_Exp
tangxiaofeng7/CVE-2022-22947-Spring-Cloud-Gateway https://github.com/tangxiaofeng7/CVE-2022-22947-Spring-Cloud-Gateway
dingxiao77/-cve-2022-22947- https://github.com/dingxiao77/-cve-2022-22947-
scopion/cve-2022-22947 https://github.com/scopion/cve-2022-22947
chaosec2021/CVE-2022-22947-POC https://github.com/chaosec2021/CVE-2022-22947-POC
carlosevieira/CVE-2022-22947 https://github.com/carlosevieira/CVE-2022-22947
Vulnmachines/spring-cve-2022-22947 https://github.com/Vulnmachines/spring-cve-2022-22947
Tas9er/SpringCloudGatewayRCE https://github.com/Tas9er/SpringCloudGatewayRCE
wjl110/Spring_CVE_2022_22947 https://github.com/wjl110/Spring_CVE_2022_22947

GitHub Search Results: Up to 10
NameURL
lucksec/Spring-Cloud-Gateway-CVE-2022-22947 github.com
Axx8/CVE-2022-22947_Rce_Exp github.com
tangxiaofeng7/CVE-2022-22947-Spring-Cloud-Gateway github.com
dingxiao77/-cve-2022-22947- github.com
scopion/cve-2022-22947 github.com
chaosec2021/CVE-2022-22947-POC github.com
carlosevieira/CVE-2022-22947 github.com
Vulnmachines/spring-cve-2022-22947 github.com
Tas9er/SpringCloudGatewayRCE github.com
wjl110/Spring_CVE_2022_22947 github.com

2023/01/17 Score : 0
Added Har-sia Database : 2022/03/02
Last Modified : 2023/01/17
Highest Scored Date : 2022/03/03
Highest Score : 35