GobyVuls/Spring/CVE-2022-22965/README.md


# Spring Core Framework Remote Code Execution Vulnerability(CVE-2022-22965)

Spring core is a toolkit for discovering, creating and processing the relationship between beans in the Spring series.An unauthenticated attacker could use this vulnerability for remote arbitrary code execution. The vulnerability exists widely in the Spring framework and derived frameworks, and JDK 9.0 and above will be affected. Products using older JDK versions are not affected.

FOFA **query rule**: [protocol="http" || protocol="https"](https://fofa.info/result?qbase64=cHJvdG9jb2w9Imh0dHAiIHx8IHByb3RvY29sPSJodHRwcyI%3D)

# Demo

![Spring_Core_Framework_Remote_Code_Execution_Vulnerability](Spring_Core_Framework_Remote_Code_Execution_Vulnerability.gif)
add CVE-2022-22965 2022-04-02 14:22:23 +08:00
			`# Spring Core Framework Remote Code Execution Vulnerability(CVE-2022-22965)`

			`Spring core is a toolkit for discovering, creating and processing the relationship between beans in the Spring series.An unauthenticated attacker could use this vulnerability for remote arbitrary code execution. The vulnerability exists widely in the Spring framework and derived frameworks, and JDK 9.0 and above will be affected. Products using older JDK versions are not affected.`

			`FOFA query rule: [protocol="http" \|\| protocol="https"](https://fofa.info/result?qbase64=cHJvdG9jb2w9Imh0dHAiIHx8IHByb3RvY29sPSJodHRwcyI%3D)`

			`# Demo`

			`![Spring_Core_Framework_Remote_Code_Execution_Vulnerability](Spring_Core_Framework_Remote_Code_Execution_Vulnerability.gif)`