A Spring MVC or Spring WebFlux application running on JDK 9+ may be vulnerable to remote code execution (RCE) via data binding. The specific exploit requires the application to run on Tomcat as a WAR deployment. If the application is deployed as a Spring Boot executable jar, i.e. the default, it is not vulnerable to the exploit. However, the nature of the vulnerability is more general, and there may be other ways to exploit it.
CVE Infomation | Exploits or more Infomation |
---|---|
mitre | EXPLOIT DATABASE |
NVD | 0day.today |
vulmon.com | github |
CVE Details | |
JVN ENG JPN | |
Reconshell |
Software Tag: BIG-IP(2 tweets) Chrome(2 tweets) Java(1 tweets)
List of frequently cited URLs
User | URL | Info Source | Date |
---|---|---|---|
0xChevalier | https://tryhackme.com/room/spring4shell | Source 0xChevalier 1596300915837145088 | 2022/11/26 |
hackplayers | https://blog.pentesteracademy.com/lab-walkthrough-exploitin... | Source hackplayers 1596587272933371904 | 2022/11/27 |
n0ipr0cs | https://twitter.com/n0ipr0cs/status/1597571635292536832/pho... | Source n0ipr0cs 1597571635292536832 | 2022/11/29 |
NandanLohitaksh | http://4.Google | Source NandanLohitaksh 1599495693563203585 | 2022/12/05 |
Prohacktiv3 | https://github.com/devengpk/CVE-2022-22965 | Source Prohacktiv3 1602577992508735488 | 2022/12/13 |
Prohacktiv3 | https://github.com/v0lp3/CVE-2022-39066 | Source Prohacktiv3 1602577992508735488 | 2022/12/13 |
Prohacktiv3 | https://twitter.com/Prohacktiv3/status/1602577992508735488/... | Source Prohacktiv3 1602577992508735488 | 2022/12/13 |
TrustedSec | https://www.trustedsec.com/blog/cve-2022-22965-spring4shell... | Source TrustedSec 1604871467262435331 | 2022/12/20 |
List of frequently cited URLs
User | URL | Info Source |
---|---|---|
0xChevalier | tryhackme.com | Show Tweet |
hackplayers | blog.pentesteracademy.com | Show Tweet |
n0ipr0cs | twitter.com | Show Tweet |
NandanLohitaksh | 4.Google | Show Tweet |
Prohacktiv3 | github.com | Show Tweet |
Prohacktiv3 | github.com | Show Tweet |
Prohacktiv3 | twitter.com | Show Tweet |
TrustedSec | trustedsec.com | Show Tweet |
Name | URL |
---|---|
reznok/Spring4Shell-POC | https://github.com/reznok/Spring4Shell-POC |
TheGejr/SpringShell | https://github.com/TheGejr/SpringShell |
BobTheShoplifter/Spring4Shell-POC | https://github.com/BobTheShoplifter/Spring4Shell-POC |
alt3kx/CVE-2022-22965 | https://github.com/alt3kx/CVE-2022-22965 |
Mr-xn/spring-core-rce | https://github.com/Mr-xn/spring-core-rce |
Kirill89/CVE-2022-22965-PoC | https://github.com/Kirill89/CVE-2022-22965-PoC |
DDuarte/springshell-rce-poc | https://github.com/DDuarte/springshell-rce-poc |
4nth0ny1130/spring4shell_behinder | https://github.com/4nth0ny1130/spring4shell_behinder |
tangxiaofeng7/CVE-2022-22965-Spring-Core-Rce | https://github.com/tangxiaofeng7/CVE-2022-22965-Spring-Core-Rce |
light-Life/CVE-2022-22965-GUItools | https://github.com/light-Life/CVE-2022-22965-GUItools |
Name | URL |
---|---|
reznok/Spring4Shell-POC | github.com |
TheGejr/SpringShell | github.com |
BobTheShoplifter/Spring4Shell-POC | github.com |
alt3kx/CVE-2022-22965 | github.com |
Mr-xn/spring-core-rce | github.com |
Kirill89/CVE-2022-22965-PoC | github.com |
DDuarte/springshell-rce-poc | github.com |
4nth0ny1130/spring4shell_behinder | github.com |
tangxiaofeng7/CVE-2022-22965-Spring-Core-Rce | github.com |
light-Life/CVE-2022-22965-GUItools | github.com |