Lucene search

44AC6EA1-B046-5CD3-8E85-AAF1A5224906

HistoryDec 28, 2023 - 6:58 a.m.

Exploit for Expression Language Injection in Vmware Spring Cloud Function

2023-12-2806:58:17

208

python tool

cve-2022-22963

expression language injection

remote code execution

dnslog

reverse shell

target url

help

ip address

port 9999

7.2 High

AI Score

Confidence

Low

0.975 High

EPSS

Percentile

100.0%

JSON

CVE-2022-22963

一、工具描述

可用于检测CVE-2022-22963 代码远程执行漏洞，支持dnsl…

This is an article that belongs to githubexploit private collection.
Please sign in to get more Information.

wallarmlab

Update on 0-day vulnerabilities in Spring (Spring4Shell and CVE-2022-22963)

2022-03-31 01:49:02

githubexploit

Exploit for Code Injection in Vmware Spring Cloud Function

2022-03-31 14:29:24

Exploit for Code Injection in Vmware Spring Cloud Function

2023-10-28 21:42:38

Exploit for Code Injection in Vmware Spring Cloud Function

2023-03-13 13:28:55

saint

Spring Cloud Function Remote Code Execution

2022-04-05 00:00:00

Spring Cloud Function Remote Code Execution

2022-04-05 00:00:00

ibm

Security Bulletin: Sterling Order Management and Spring vulnerability CVE-2022-22963

2022-07-28 19:47:33

Security Bulletin: CMIS is affected since it uses Spring Framework, but not vulnerable to [CVE-2022-22965] and [CVE-2022-22963]

2022-10-18 15:36:16

Security Bulletin: IBM QRadar SIEM is affected by a remote code execution in Spring Framework (CVE-2022-22963, CVE-2022-22965, CVE-2022-22950)

2022-06-24 17:34:09

github

Spring Cloud Function Code Injection with a specially crafted SpEL as a routing expression

2022-04-03 00:00:59

prion

Remote code execution

2022-04-01 23:15:00

zdt

Spring Cloud Function SpEL Injection Exploit

2022-03-31 00:00:00

Spring Cloud 3.2.2 - Remote Command Execution Exploit

2023-07-11 00:00:00

redhat

(RHSA-2022:1291) Low: Release of OpenShift Serverless Client kn 1.21.1

2022-04-11 07:34:16

(RHSA-2022:1292) Low: Release of OpenShift Serverless 1.21.1

2022-04-11 08:22:04

(RHSA-2022:4880) Moderate: ACS 3.70 enhancement and security update

2022-06-02 02:02:58

packetstorm

Spring Cloud 3.2.2 Remote Command Execution

2023-07-12 00:00:00

Spring Cloud Function SpEL Injection

2022-03-31 00:00:00

osv

CVE-2022-22963

2022-04-01 23:15:13

Spring Cloud Function Code Injection with a specially crafted SpEL as a routing expression

2022-04-03 00:00:59

cve

CVE-2022-22963

2022-04-01 23:15:13

spring

CVE report published for Spring Cloud Function

2022-03-30 00:53:00

cisco

Vulnerability in Spring Cloud Function Framework Affecting Cisco Products: March 2022

2022-04-01 23:45:00

openvas

VMware Spring Cloud Function < 3.1.7, 3.2.x < 3.2.3 RCE Vulnerability - Active Check

2022-05-06 00:00:00

checkpoint_advisories

Spring Cloud Function Remote Code Execution (CVE-2022-22963)

2022-03-31 00:00:00

nessus

Spring Cloud Function SPEL Expression Injection (direct check)

2022-03-31 00:00:00

VMware Spring Cloud Function < 3.1.7 / 3.2.x < 3.2.3 SPEL Expression Injection (local check)

2022-04-14 00:00:00

RHEL 8 : Release of OpenShift Serverless Client kn 1.21.1 (Low) (RHSA-2022:1291)

2024-04-28 00:00:00

metasploit

Spring Cloud Function SpEL Injection

2022-03-30 22:38:41

cisa_kev

VMware Tanzu Spring Cloud Function Remote Code Execution Vulnerability

2022-08-25 00:00:00

wizblog

Addressing the Spring4Shell and CVE-2022-22963 RCE vulnerabilities in cloud environments

2022-04-01 05:00:39

nuclei

Spring Cloud - Remote Code Execution

2022-03-27 14:47:28

kitploit

CVE-2022-22963 - PoC Spring Java Framework 0-day Remote Code Execution Vulnerability

2022-03-31 11:30:00

Spring4Shell-Scan - A Fully Automated, Reliable, And Accurate Scanner For Finding Spring4Shell And Spring Cloud RCE Vulnerabilities

2022-04-24 21:30:00

redhatcve

CVE-2022-22963

2022-03-31 18:32:29

akamaiblog

Spring Cloud Function SpEL Injection (CVE-2022-22963) Exploited in the Wild

2022-03-31 19:30:00

attackerkb

CVE-2022-22963

2022-04-01 00:00:00

CVE-2021-38406

2021-09-09 00:00:00

cvelist

CVE-2022-22963

2022-04-01 00:00:00

nvd

CVE-2022-22963

2022-04-01 23:15:13

veracode

Remote Code Execution

2022-03-31 01:51:42

exploitdb

Spring Cloud 3.2.2 - Remote Command Execution (RCE)

2023-07-11 00:00:00

rapid7blog

Update on Spring4Shell’s Impact on Rapid7 Solutions and Systems

2022-04-01 14:42:42

Metasploit Weekly Wrap-Up

2022-04-01 18:34:29

What’s New in InsightVM and Nexpose: Q2 2022 in Review

2022-07-28 14:00:00

paloalto

Informational: Impact of Spring Vulnerabilities CVE-2022-22963 and CVE-2022-22965

2022-03-31 02:30:00

qualysblog

Spring Framework Zero-Day Remote Code Execution (Spring4Shell) Vulnerability

2022-03-31 09:00:00

Identify Server-Side Attacks Using Qualys Periscope

2022-12-01 23:11:35

fortinet

CVE-2022-22965 and CVE-2022-22963 vulnerabilities

2022-04-01 00:00:00

thn

Unpatched Java Spring Framework 0-Day RCE Bug Threatens Enterprise Web Apps Security

2022-03-31 05:52:00

CISA Adds 10 New Known Actively Exploited Vulnerabilities to its Catalog

2022-08-29 04:23:00

cisa

Spring Releases Security Updates Addressing "Spring4Shell" and Spring Cloud Function Vulnerabilities

2022-04-01 00:00:00

threatpost

RCE Bug in Spring Cloud Could Be the Next Log4Shell, Researchers Warn

2022-03-30 18:04:11

K11510688 : Spring Framework (Spring4Shell) and Spring Cloud vulnerabilities CVE-2022-22965, CVE-2022-22950, and CVE-2022-22963

2022-03-31 00:00:00

cert

Spring Framework insecurely handles PropertyDescriptor objects with data binding

2022-03-31 00:00:00

securelist

Spring4Shell (CVE-2022-22965): details and mitigations

2022-04-04 15:30:36

avleonov

Spring4Shell, Spring Cloud Function RCE and Spring Cloud Gateway Code Injection

2022-04-03 00:15:45

mmpc

SpringShell RCE vulnerability: Guidance for protecting against and detecting CVE-2022-22965

2022-04-05 01:11:24

mssecure

SpringShell RCE vulnerability: Guidance for protecting against and detecting CVE-2022-22965

2022-04-05 01:11:24

impervablog

Imperva Protects from New Spring Framework Zero-Day Vulnerabilities

2022-03-31 15:20:03

malwarebytes

4 over-hyped security vulnerabilities of 2022

2022-12-19 01:00:00

trellix

The Bug Report – April 2022 Edition

2022-05-04 00:00:00

The Bug Report – April 2022 Edition

2022-05-04 00:00:00

checkpoint_security

Check Point Response to Spring Vulnerabilities CVE-2022-22963, CVE-2022-22946, CVE-2022-22947, CVE-2022-22965 (Spring4Shell) and CVE-2022-22950

2022-03-30 21:41:02

ics

2022 Top Routinely Exploited Vulnerabilities

2023-08-03 12:00:00

oracle

Oracle Critical Patch Update Advisory - July 2022

2022-07-19 00:00:00

Oracle Critical Patch Update Advisory - April 2022

2022-04-19 00:00:00

7.2 High

AI Score

Confidence

Low

0.975 High

EPSS

Percentile

100.0%

JSON

Exploit for Expression Language Injection in Vmware Spring Cloud Function

CVE-2022-22963

一、工具描述

Related