cve/2021/CVE-2021-22118.md

### [CVE-2021-22118](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22118)
![](https://img.shields.io/static/v1?label=Product&message=Spring%20Framework&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=Spring%20Framework%20versions%205.2.x%20prior%20to%205.2.15%20and%20versions%205.3.x%20prior%20to%205.3.7%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-269%3A%20Improper%20Privilege%20Management&color=brightgreen)

### Description

In Spring Framework, versions 5.2.x prior to 5.2.15 and versions 5.3.x prior to 5.3.7, a WebFlux application is vulnerable to a privilege escalation: by (re)creating the temporary storage directory, a locally authenticated malicious user can read or modify files that have been uploaded to the WebFlux application, or overwrite arbitrary files with multipart request data.

### POC

#### Reference
- https://www.oracle.com//security-alerts/cpujul2021.html
- https://www.oracle.com/security-alerts/cpuapr2022.html
- https://www.oracle.com/security-alerts/cpujan2022.html
- https://www.oracle.com/security-alerts/cpujul2022.html
- https://www.oracle.com/security-alerts/cpuoct2021.html

#### Github
- https://github.com/Dzmitry-Basiachenka/dist-foreign-aliakh
- https://github.com/hinat0y/Dataset1
- https://github.com/hinat0y/Dataset10
- https://github.com/hinat0y/Dataset11
- https://github.com/hinat0y/Dataset12
- https://github.com/hinat0y/Dataset2
- https://github.com/hinat0y/Dataset3
- https://github.com/hinat0y/Dataset4
- https://github.com/hinat0y/Dataset5
- https://github.com/hinat0y/Dataset6
- https://github.com/hinat0y/Dataset7
- https://github.com/hinat0y/Dataset8
- https://github.com/hinat0y/Dataset9
- https://github.com/n0-traces/cve_monitor
- https://github.com/scordero1234/java_sec_demo-main