openkylin
/
openkylin-exploit-db
mirror of https://gitee.com/openkylin/openkylin-exploit-db.git
9
0
Fork 0
Code Issues Projects Releases Wiki Activity
openkylin-exploit-db/cve/java-spring/2022/CVE-2022-22963
History
caicaineng 38c4d22791 删除文件 cve/java-spring/2022/CVE-2022-22963/.keep 2023-03-17 05:49:46 +00:00
..
CVE-2022-22963-POC.py add cve/java-spring/2022/CVE-2022-22963/CVE-2022-22963-POC.py. 2023-03-17 05:49:46 +00:00
README.md add cve/java-spring/2022/CVE-2022-22963/README.md. 2023-03-17 05:49:46 +00:00

README.md

CVE-2022-22963

CVE-2022-22963 PoC

Slight modified for English translation and detection of https://github.com/chaosec2021/Spring-cloud-function-SpEL-RCE/blob/main/Spel_RCE_POC.py . By default whoami is executed on the target and a file vulnerable.txt is created with the URLs that are vulnerable.

REF

https://github.com/dinosn/CVE-2022-22963 https://avd.aliyun.com/search?q=CVE-2022-22963 https://www.cyberkendra.com/2022/03/rce-0-day-exploit-found-in-spring-cloud.html, dc5128b80c