GobyVuls/Spring Cloud

Spring Cloud Function SPEL Vulnerability

Spring cloud function is a function calculation framework based on spring boot. By abstracting the transmission details and infrastructure, it retains familiar development tools and development processes for developers, so that developers can focus on realizing business logic, so as to improve development efficiency.There is spring in the HTTP request header for accessing spring cloud function cloud. function. Routing expression parameter, whose spel expression can be injected and executed through StandardeValuationContext parsing. Eventually, an attacker can perform remote command execution through this vulnerability.

FOFA query rule: ((header="Server: Netty@SpringBoot" || (body="Whitelabel Error Page" && body="There was an unexpected error")) && body!="couchdb") || title="SpringBootAdmin-Server" || body="SpringBoot"

Demo