admin/GobyVuls
1
0
Fork 0
mirror of https://github.com/gobysec/GobyVuls.git synced 2025-05-06 10:41:40 +00:00
Code Issues Packages Projects Releases Wiki Activity
GobyVuls/Spring/CVE-2022-22965/README.md

11 lines
1.1 KiB
Markdown
Raw Normal View History

add CVE-2022-22965
2022-04-02 14:22:23 +08:00
# Spring Core Framework Remote Code Execution Vulnerability(CVE-2022-22965)
Spring core is a toolkit for discovering, creating and processing the relationship between beans in the Spring series.An unauthenticated attacker could use this vulnerability for remote arbitrary code execution. The vulnerability exists widely in the Spring framework and derived frameworks, and JDK 9.0 and above will be affected. Products using older JDK versions are not affected.
fix query
2022-04-02 14:23:09 +08:00
FOFA **query rule**: [app="APACHE-Tomcat" || app="vmware-SpringBoot-framework" || app="vmware-SpringBoot-framework" || app="vmware-Spring-Batch" || app="vmware-Spring-framework" || app="vmware-Spring-Security"](https://fofa.info/result?qbase64=YXBwPSJBUEFDSEUtVG9tY2F0IiB8fCBhcHA9InZtd2FyZS1TcHJpbmdCb290LUZyYW1ld29yayJ8fGFwcD0idm13YXJlLVNwcmluZ0Jvb3QtRnJhbWV3b3JrInx8YXBwPSJ2bXdhcmUtU3ByaW5nLUJhdGNoInx8YXBwPSJ2bXdhcmUtU3ByaW5nLUZyYW1ld29yayJ8fGFwcD0idm13YXJlLVNwcmluZy1TZWN1cml0eSI%3D)
add CVE-2022-22965
2022-04-02 14:22:23 +08:00
# Demo
![Spring_Core_Framework_Remote_Code_Execution_Vulnerability](Spring_Core_Framework_Remote_Code_Execution_Vulnerability.gif)
Reference in New Issue Copy Permalink