Exploit for #VU61756 Code Injection in Pivotal Spring Framework
Vulnerability identifier: #VU61756
Vulnerability risk: Critical
CVSSv3.1: 9.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:H/RL:O/RC:C]
CVE-ID:
CWE-ID:
CWE-94
Exploitation vector: Network
Exploits in database: 44
- January 22, 2023
- August 29, 2022
- August 14, 2022
- August 1, 2022
- June 30, 2022
- June 6, 2022
- May 12, 2022
- Spring Framework Class property RCE (Spring4Shell) [Metasploit]
- May 2, 2022
- spring-RCE-CVE-2022-22965 () [Github]
- April 14, 2022
- April 13, 2022
- April 11, 2022
- April 7, 2022
- CVE-2022-22965_PoC (Spring Framework RCE (Quick pentest notes)) [Github]
- springboot_CVE-2022-22965 (CVE-2022-22965 pocsuite3 POC) [Github]
- spring-core-rce (springFramework_CVE-2022-22965_RCE简单利用) [Github]
- Spring4ShellPoC (Spring4Shell PoC (CVE-2022-22965)) [Github]
- spring4shell_behinder (CVE-2022-22965写入冰蝎webshell脚本) [Github]
- April 6, 2022
- irule-cve-2022-22965 () [Github]
- April 5, 2022
- CVE-2022-22965 (Spring4Shell is a critical RCE vulnerability in the Java Spring Framework and is one of three related vulnerabilities published on March 30) [Github]
- CVE-2022-22965 (Spring Framework RCE Exploit) [Github]
- CVE-2022-22965 (Exploit Of Spring4Shell!) [Github]
- nmap-spring4shell (Nmap Spring4Shell NSE script for Spring Boot RCE (CVE-2022-22965) ) [Github]
- CVE-2022-22965 (Spring Framework RCE via Data Binding on JDK 9+ / spring4shell / CVE-2022-22965) [Github]
- CVE-2022-22965-PoC (CVE-2022-22965 (Spring4Shell) Proof of Concept) [Github]
- springshell-vuln-POC (POC to prove springshell CVE 2022-22965) [Github]
- Spring4shell-CVE-2022-22965-POC (Another spring4shell (Spring core RCE) POC) [Github]
- go-scan-spring (Vulnerability scanner for Spring4Shell (CVE-2022-22965)) [Github]
- April 3, 2022
- spring-core-rce (spring框架RCE漏洞 CVE-2022-22965) [Github]
- CVE-2022-22965 (CVE-2022-22965 POC) [Github]
- spring-framework-rce (CVE-2022-22965) [Github]
- cve-2022-22965 () [Github]
- CVE-2022-22965_Spring_Core_RCE (CVE-2022-22965\Spring-Core-RCE堪比关于 Apache Log4j2核弹级别漏洞exp的rce一键利用) [Github]
- SpringFramework_CVE-2022-22965_RCE (SpringFramework 远程代码执行漏洞CVE-2022-22965) [Github]
- CVE-2022-22965-Spring-CachedintrospectionResults-Rce (批量无损检测) [Github]
- spring4shell-exploit-poc (Exploit a vulnerable Spring application with the Spring4Shell (CVE-2022-22965) Vulnerability.) [Github]
- CVE-2022-22965 (Docker PoC for CVE-2022-22965 with Spring Boot version 2.6.5) [Github]
- March 31, 2022
- CVE-2022-22965 (Vulnerabilidad RCE en Spring Framework vía Data Binding on JDK 9+ (CVE-2022-22965 aka "Spring4Shell")) [Github]
- CVE-2022-22965-poc (CVE-2022-22965 poc including reverse-shell support) [Github]
- Spring-CVE (This includes CVE-2022-22963, a Spring SpEL / Expression Resource Access Vulnerability, as well as CVE-2022-22965, the spring-webmvc/spring-webflux RCE termed "SpringShell".) [Github]
- Spring4Shell-POC (Dockerized Spring4Shell (CVE-2022-22965) PoC application and exploit) [Github]
- CVE-2022-22965 (Spring Framework RCE (CVE-2022-22965) Nmap (NSE) Checker (Non-Intrusive)) [Github]
- Safer_PoC_CVE-2022-22965 (A Safer PoC for CVE-2022-22965 (Spring4Shell)) [Github]
- Spring4Shell-POC (Spring4Shell Proof Of Concept/And vulnerable application CVE-2022-22965) [Github]
Impact: Code execution
Vulnerable software:
Pivotal Spring Framework
Server applications /
Frameworks for developing and running applications
Vendor: Pivotal
