{"vulnerability": "CVE-2022-22963", "sightings": [{"uuid": "87702db1-a690-4756-901b-93e905c00b7d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22963", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2023-06-14T21:10:04.000000Z"}, {"uuid": "41d56266-d567-4b70-ab8f-4e77db55c4f2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22963", "type": "seen", "source": "https://feedsin.space/feed/CISAKevBot/items/2971694", "content": "", "creation_timestamp": "2024-12-24T20:32:55.104126Z"}, {"uuid": "88598df6-a1ae-4d92-9354-704ab524a5e3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22963", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-06T03:13:45.000000Z"}, {"uuid": "d7c92309-2de7-4d7c-bea9-5fc600de3252", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22963", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-23T04:10:43.000000Z"}, {"uuid": "d90a6e5e-e0ca-4acc-abc2-568fe72cce8d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22963", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-02-23T02:10:35.000000Z"}, {"uuid": "cb923d50-95ce-437d-8ed8-fd1455e5968e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22963", "type": "seen", "source": "MISP/d17bd6ef-d68b-317b-ac33-cdbc44c5fc57", "content": "", "creation_timestamp": "2025-08-31T03:12:43.000000Z"}, {"uuid": "90516804-70ea-4d9c-84d2-490c01e67eb8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22963", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-11-01)", "content": "", "creation_timestamp": "2025-11-01T00:00:00.000000Z"}, {"uuid": "d7170b84-402f-4899-98c6-a2373013e4c5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22963", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/multi/http/spring_cloud_function_spel_injection.rb", "content": "", "creation_timestamp": "2022-03-31T16:00:06.000000Z"}, {"uuid": "a63c3fb8-5770-409d-9266-828ba171e1ff", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22963", "type": "seen", "source": "https://gist.github.com/aw-junaid/ed30afd1f8d04325e68a70aa2e002932", "content": "", "creation_timestamp": "2026-01-30T19:25:35.000000Z"}, {"uuid": "d5e3fec6-b81a-4858-a209-e8b7bd5e698d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2022-22963", "type": "seen", "source": "https://www.kyberturvallisuuskeskus.fi/fi/haavoittuvuus_6/2022", "content": "", "creation_timestamp": "2022-03-31T09:38:49.000000Z"}, {"uuid": "6e40aa93-683f-4c86-97f2-022fe4d1b28c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2022-22963", "type": "seen", "source": "https://www.govcert.gov.hk/en/alerts_detail.php?id=791", "content": "", "creation_timestamp": "2022-04-20T04:00:00.000000Z"}, {"uuid": "30298099-d023-45f0-8c00-8745692f8b40", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2022-22963", "type": "seen", "source": "https://www.govcert.gov.hk/en/alerts_detail.php?id=767", "content": "", "creation_timestamp": "2022-04-01T04:00:00.000000Z"}, {"uuid": "7281a11c-befd-414f-8fc1-6a1e35b29307", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22963", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1758", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aA Proof-of-Concept (PoC) of the Spring Core RCE (Spring4Shell or CVE-2022-22963) in Bash (Linux).\nURL\uff1ahttps://github.com/exploitbin/CVE-2022-22963-Spring-Core-RCE\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-03-31T14:34:04.000000Z"}, {"uuid": "2f045d4e-eaa8-4127-8fe1-5b9d33b2d48b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2022-22963", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/40a6547f-e20b-4e29-b709-f550acff0889", "content": "", "creation_timestamp": "2026-02-02T12:27:15.145272Z"}, {"uuid": "4999a4eb-df86-43b4-80a6-adb8112af859", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22963", "type": "published-proof-of-concept", "source": "https://github.com/google/tsunami-security-scanner-plugins/tree/master/community/detectors/spring_cloud_function_cve_2022_22963", "content": "", "creation_timestamp": "2022-07-19T12:00:36.000000Z"}, {"uuid": "49f9c330-d52d-4fe9-98bd-f897035be897", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22963", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1748", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aSpring Core RCE CVE-2022-22963\nURL\uff1ahttps://github.com/TheGejr/SpringShell\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-03-30T17:15:03.000000Z"}, {"uuid": "134a1576-031d-4a64-8365-47d77f7d8b60", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22963", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1747", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aCVE-2022-22963 Spring-Cloud-Function-SpEL_RCE_exploit\nURL\uff1ahttps://github.com/RanDengShiFu/CVE-2022-22963\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-03-30T11:41:57.000000Z"}, {"uuid": "29233cc7-0e29-4442-9895-850d112525d7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22963", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1869", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aCVE-2022-22963 research\nURL\uff1ahttps://github.com/SealPaPaPa/SpringCloudFunction-Research\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-04-05T17:15:41.000000Z"}, {"uuid": "6a1683c6-3489-43d0-8e39-22dca72ea0fe", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22963", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1764", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aThis includes CVE-2022-22963, a Spring SpEL / Expression Resource Access Vulnerability, as well as CVE-2022-22965, the spring-webmvc/spring-webflux RCE termed \\\"SpringShell\\\".\nURL\uff1ahttps://github.com/kh4sh3i/Spring-CVE\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-03-31T21:02:25.000000Z"}, {"uuid": "d0de3472-f5ad-4e7d-a901-813f51286020", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22963", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1946", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aSpring Cloud Function SPEL\u8868\u8fbe\u5f0f\u6ce8\u5165\u6f0f\u6d1e\uff08CVE-2022-22963\uff09\nURL\uff1ahttps://github.com/k3rwin/spring-cloud-function-rce\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-04-14T11:20:22.000000Z"}, {"uuid": "761d5ac7-f7dc-468d-b396-dc3deb8c1b0d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22963", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1749", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1a{ Spring Core 0day CVE-2022-22963 }\nURL\uff1ahttps://github.com/stevemats/Spring0DayCoreExploit\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-03-30T19:13:42.000000Z"}, {"uuid": "b7e2367e-aa16-4de9-a05a-a2e82ba533f3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22963", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1800", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aSpring Cloud Function Vulnerable Application / CVE-2022-22963\nURL\uff1ahttps://github.com/me2nuk/CVE-2022-22963\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-04-01T12:56:50.000000Z"}, {"uuid": "97b01e75-e752-44f8-9ea6-f84d8f69ec33", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22963", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1794", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aPOC for CVE-2022-22963\nURL\uff1ahttps://github.com/AayushmanThapaMagar/CVE-2022-22963\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-04-01T10:50:58.000000Z"}, {"uuid": "dc9e2c32-fbbf-4943-950d-d0c2516dd258", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22963", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1745", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aCVE-2022-22963 PoC \nURL\uff1ahttps://github.com/dinosn/CVE-2022-22963\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-03-30T05:07:12.000000Z"}, {"uuid": "bcbe4be1-19cc-4a7e-a8f9-25ffb939a0d2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22963", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/2540", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aburpsuite \u7684Spring\u6f0f\u6d1e\u626b\u63cf\u63d2\u4ef6\u3002SpringVulScan\uff1a\u652f\u6301\u68c0\u6d4b\uff1a\u8def\u7531\u6cc4\u9732|CVE-2022-22965|CVE-2022-22963|CVE-2022-22947|CVE-2016-4977\nURL\uff1ahttps://github.com/tpt11fb/SpringVulScan\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-06-20T01:10:15.000000Z"}, {"uuid": "225d7f51-ae27-463d-9d18-a7f6200990a4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22963", "type": "published-proof-of-concept", "source": "https://t.me/tech_b0lt_Genona/3069", "content": "\u041d\u0435\u0434\u0435\u043b\u044f \u043c\u0435\u0441\u044f\u0446 Spring4Shell \u043e\u0431\u044a\u044f\u0432\u043b\u044f\u0435\u0442\u0441\u044f \u043e\u0442\u043a\u0440\u044b\u0442\u044b\u043c\n\nTL;DR\u200b\nTwo RCEs exist and three vectors are being discussed online (one of which is not known to be remotely exploitable).\n\n- Confirmed: \"Spring4Shell\" in Spring Core that has been confirmed by several sources that leverages class injection (very severe),\n- Confirmed: CVE-2022-22963 in Spring Cloud Function (less severe),\n- Unconfirmed: A third weakness that was initially discussed as allowing RCE via Deserialization, but isn't exploitable (not severe currently).\n. . .\nOverview of Vulnerabilities\u200b\n- Spring4Shell: An confirmed RCE in Spring Core &lt;=5.3.17. We're investigating this currently.\n- CVE-2022-22963: A confirmed RCE in Spring Cloud Function (&lt;=3.1.6 and &lt;=3.2.2).\n- An unconfirmed deserialization weakness in Spring Core that could lead to an RCE. (Spring Core &lt;=5.3.17)\n\nSpring4Shell: Security Analysis of the latest Java RCE '0-day' vulnerabilities in Spring\nhttps://www.lunasec.io/docs/blog/spring-rce-vulnerabilities", "creation_timestamp": "2022-03-31T06:09:56.000000Z"}, {"uuid": "9ea51bbe-b845-48a8-8db0-cfe99b73f14d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22963", "type": "published-proof-of-concept", "source": "https://t.me/tech_b0lt_Genona/3068", "content": "\u041e\u043f\u044f\u0442\u044c \"\u0437\u0435\u0440\u043e\u0434\u0435\u0438\" \u0432 Java \u043f\u043e\u0434\u044a\u0435\u0445\u0430\u043b\u0438. \u0412\u043f\u0440\u043e\u0447\u0435\u043c \u043d\u0438\u0447\u0435\u0433\u043e \u043d\u043e\u0432\u043e\u0433\u043e.\n\nAs we have already reported the unconfirmed critical vulnerability in the Spring core, leads to remote code execution. We named the vulnerability Spring4Shell because this is something like Log4Shell, actually it is more effective than Log4Shell. \n\nSpring4Shell Details and Exploit code leaked\nhttps://www.cyberkendra.com/2022/03/spring4shell-details-and-exploit-code.html\n+\nPoC\nhttps://github.com/dinosn/CVE-2022-22963/blob/main/poc.py", "creation_timestamp": "2022-03-30T21:49:13.000000Z"}, {"uuid": "2568dc44-8fa5-4403-b9e0-db342084cc1d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22963", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1958", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aspring-cloud / spring-cloud-function,spring.cloud.function.routing-expression,RCE,0day,0-day,POC,EXP,CVE-2022-22963\nURL\uff1ahttps://github.com/hktalent/spring-spel-0day-poc\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-04-15T16:44:46.000000Z"}, {"uuid": "37f62d08-c58b-4cf3-9387-26cf1c2742ca", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22963", "type": "published-proof-of-concept", "source": "Telegram/cJEcDU9cf4Dk8Ba7quvMkUZfv4A1JE3RWzAD-VOFLtw7nw", "content": "", "creation_timestamp": "2023-11-02T15:04:03.000000Z"}, {"uuid": "6c1d9450-0a57-418c-84c5-89d71d6bce59", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22963", "type": "seen", "source": "https://t.me/ARC15INFO/301", "content": "New Spring Framework RCE  Vulnerability Confirmed - What to do?\n\nEarly Wednesday morning (GMT), allegations began to appear on the internet about a new remote code execution flaw that affects Spring Framework. This vulnerability, dubbed by some as \"Springshell\" in the community, is a new, previously unknown security vulnerability. It has been added to Sonatype data as SONATYPE-2022-1764 and given the designation CVE-2022-22965. Spring have acknowledged the vulnerability and released 5.3.18 and 5.2.20 to patch the issue. We recommend an immediate upgrade for all users.\n\nNOTE: A separate Spring vulnerability CVE-2022-22963 (High) disclosed a few days ago impacts Spring Cloud Function. This is a Spring Expression language SpEL vulnerability in Spring Cloud Function and is NOT related to \"Springshell\" that impacts Spring.\n\nhttps://blog.sonatype.com/new-0-day-spring-framework-vulnerability-confirmed\n\n\ud83d\udce1@cRyPtHoN_INFOSEC_FR\n\ud83d\udce1@cRyPtHoN_INFOSEC_EN\n\ud83d\udce1@cRyPtHoN_INFOSEC_DE\n\ud83d\udce1@BlackBox_Archiv", "creation_timestamp": "2024-08-29T06:23:17.000000Z"}, {"uuid": "dff7c680-8862-464a-bc5f-896135b75047", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22963", "type": "published-proof-of-concept", "source": "Telegram/V7m6dyWJdYDSJe7SKroRfeJFuGytvG7wnZqZe-y0JOsicXA", "content": "", "creation_timestamp": "2023-03-20T18:22:35.000000Z"}, {"uuid": "669ac4a9-3d02-4ff7-b636-142686ef5618", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22963", "type": "published-proof-of-concept", "source": "Telegram/KY4PVd45dzhnz_l3x8aBIZwbkHWB1w1Cp1_7dnD8vo88jQ", "content": "", "creation_timestamp": "2023-11-20T04:04:42.000000Z"}, {"uuid": "062295c6-fcf1-4d18-a9f8-aace72eedff7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22963", "type": "published-proof-of-concept", "source": "https://t.me/ShizoPrivacy/204", "content": "vx-underground\n\u043f\u0430\u0440\u043e\u043b\u044c: infected\npassword: infected", "creation_timestamp": "2022-03-31T22:40:58.000000Z"}, {"uuid": "53db0f93-bcdd-472e-8c49-8ab546ee6035", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22963", "type": "published-proof-of-concept", "source": "https://t.me/ShizoPrivacy/203", "content": "|CVE-2022-22963|\n\ud83d\udd25Spring4Shell.\n\ud83d\udca5CVSS:9.0\nrce 0-day exploit found-in spring cloud\nspring4shellFAQ\nSpring4Shell scan\nPoCApp\n\nA critical security vulnerability has bloomed in the Spring Cloud Function, which could lead to remote code execution (RCE) and the compromise of an entire internet-connected host.\n\n\u041f\u043e\u043a\u0430 \u0447\u0442\u043e \u043e\u0442 Spring \u043d\u0435\u0442  \u0433\u043e\u0442\u043e\u0432\u043e\u0433\u043e \u043f\u0430\u0442\u0447\u0430, \u0432 \u043a\u0430\u0447\u0435\u0441\u0442\u0432\u0435 \u0432\u0440\u0435\u043c\u0435\u043d\u043d\u043e\u0439 \u043c\u0435\u0440\u044b \u0441\u043e\u0432\u0435\u0442\u0443\u044e\u0442 \u043f\u043e\u043d\u0438\u0437\u0438\u0442\u044c \u0432\u0435\u0440\u0441\u0438\u044e jdk.\n\u041f\u0440\u0438\u043a\u043b\u0430\u0434\u044b\u0432\u0430\u044e \u0430\u0440\u0445\u0438\u0432 \u043e\u0442 vx-underground \u043d\u0438\u0436\u0435.\n\u0421\u0441\u044b\u043b\u043a\u0430 \u043d\u0430 \u043f\u0430\u0442\u0447, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u043d\u0430 \u0434\u0430\u043d\u043d\u044b\u0439 \u043c\u043e\u043c\u0435\u043d\u0442 \u0440\u0430\u0437\u0440\u0430\u0431\u0430\u0442\u044b\u0432\u0430\u0435\u0442\u0441\u044f.\n\nSo far, there is no ready-made patch from Spring, as a temporary measure, it is advised to downgrade the jdk version.\nI attach the archive from vx-underground below.\nLink to the patch , which is currently being developed.\n\nThe exploit is easy to execute using the curl command:\ncurl -i -s -k -X $\u2019POST\u2019 -H $\u2019Host: 192.168.1.2:8080\u2032 -H $\u2019spring.cloud.function.routing-expression:T(java.lang.Runtime).getRuntime().exec(\\\u201dtouch /tmp/test\u201d)\u2019 \u2013data-binary $\u2019exploit_poc\u2019 $\u2019http://192.168.1.2:8080/functionRouter\u2019\n#cve #exploit", "creation_timestamp": "2022-04-14T01:24:45.000000Z"}, {"uuid": "3cafba17-729b-43fc-84cf-f6e2a34e613b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22963", "type": "published-proof-of-concept", "source": "https://t.me/WARLOCK_DARK_ARMY_OFFICIALS/3510", "content": "https://github.com/sule01u/SBSCAN\n\nspring Penetration testing framework support\nCVE-2018-1273\nCVE-2019-3799\nCVE-2020-5410\nCVE-2022-22947\nCVE-2022-22963\nCVE-2022-22965", "creation_timestamp": "2023-11-03T08:19:51.000000Z"}, {"uuid": "220fadef-4f28-4abc-8ff8-df12ceeb3433", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22963", "type": "seen", "source": "https://t.me/ARC15INFO/331", "content": "Spring4Shell (CVE-2022-22965): details and mitigations.\n\nLast week researchers found the critical vulnerability CVE-2022-22965 in Spring \u2013 the open source Java framework. Using the vulnerability, an attacker can execute arbitrary code on a remote web server, which makes CVE-2022-22965 a critical threat, given the Spring framework\u2019s popularity. By analogy with the infamous Log4Shell threat, the vulnerability was named Spring4Shell.\n\nCVE-2022-22965 and CVE-2022-22963: technical details\n\nCVE-2022-22965 (Spring4Shell, SpringShell) is a vulnerability in the Spring Framework that uses data binding functionality to bind data stored within an HTTP request to certain objects used by an application. The bug exists in the getCachedIntrospectionResults method, which can be used to gain unauthorized access to such objects by passing their class names via an HTTP request.\n\nhttps://securelist.com/spring4shell-cve-2022-22965/106239/\n\n\ud83d\udce1@cRyPtHoN_INFOSEC_FR\n\ud83d\udce1@cRyPtHoN_INFOSEC_EN\n\ud83d\udce1@cRyPtHoN_INFOSEC_DE\n\ud83d\udce1@BlackBox_Archiv", "creation_timestamp": "2024-08-29T06:23:17.000000Z"}, {"uuid": "7d8b588e-24e5-4610-b338-f2089b9b947c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22963", "type": "published-proof-of-concept", "source": "https://t.me/proxy_bar/763", "content": "Log4Shell ? NO\nSpring4Shell ? YES\nCVE-2022-22963  Spring Cloud Function Spel RCE  \nspring.cloud.function.routing-expression: T(java.lang.Runtime).getRuntime().exec(\"xcalc\")\n\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0434\u044b\u0440\u043a\u0438 - \u0442\u0443\u0442\nPOC -  \u0440\u0435\u0441\u0451\u0440\u0447\u0435\u0440\u044b POC \u0437\u0430\u0436\u0430\u043b\u0438, \u043d\u043e \u0440\u0435\u043f\u043e\u0437\u0438\u0442\u043e\u0440\u0438\u0439 \u0437\u0430\u0431\u043e\u0442\u043b\u0438\u0432\u043e \u043f\u0440\u0438\u0433\u043e\u0442\u043e\u0432\u0438\u043b\u0438)))", "creation_timestamp": "2022-03-30T16:35:25.000000Z"}, {"uuid": "b35e7d55-b64c-481c-a893-0fb816d481c6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22963", "type": "exploited", "source": "https://t.me/NeKaspersky/2088", "content": "\u041a\u0430\u0442\u0430\u0441\u0442\u0440\u043e\u0444\u0430 \u043d\u0430 Java-\u0444\u0440\u0435\u0439\u043c\u0432\u043e\u0440\u043a\u0435 Spring \u0438\u043b\u0438 \u043d\u043e\u0432\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c Spring4Shell\n\n\u041d\u043e\u0432\u0430\u044f \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c Spring4Shell (CVE-2022-22965) \u0431\u044b\u043b\u0430 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0430 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c\u0438 \u043d\u0430 \u043f\u0440\u043e\u0448\u043b\u043e\u0439 \u043d\u0435\u0434\u0435\u043b\u0435. \u0415\u0451 \u0441\u0440\u0430\u0437\u0443 \u043e\u0442\u043d\u0435\u0441\u043b\u0438 \u043a \u043a\u043b\u0430\u0441\u0441\u0443 RCE (\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u043f\u0440\u0438 \u043a\u043e\u0442\u043e\u0440\u043e\u0439 \u043f\u0440\u043e\u0438\u0441\u0445\u043e\u0434\u0438\u0442 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0435 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u043a\u043e\u0434\u0430 \u043d\u0430 \u0432\u0437\u043b\u0430\u043c\u044b\u0432\u0430\u0435\u043c\u043e\u043c \u043a\u043e\u043c\u043f\u044c\u044e\u0442\u0435\u0440\u0435, \u0441\u0435\u0440\u0432\u0435\u0440\u0435 \u0438 \u0442.\u043f.) \u0438 \u043e\u0446\u0435\u043d\u0438\u043b\u0438 \u0432 9.8 \u0431\u0430\u043b\u043b\u043e\u0432 \u043f\u043e \u0448\u043a\u0430\u043b\u0435 CVSS v3.0. \u0412 \u043d\u043e\u0447\u044c \u0441\u043e \u0432\u0442\u043e\u0440\u043d\u0438\u043a\u0430 \u043d\u0430 \u0441\u0440\u0435\u0434\u0443 \u0431\u044b\u043b\u0430 \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u0430 \u0437\u0430\u043f\u0438\u0441\u044c \u043e \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u0438 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438. \u0423\u0436\u0435 \u0432 \u0441\u0440\u0435\u0434\u0443 \u043d\u0430 GitHub \u043d\u0435\u043d\u0430\u0434\u043e\u043b\u0433\u043e \u043f\u043e\u044f\u0432\u0438\u043b\u0441\u044f PoC-\u044d\u043a\u0441\u043f\u043b\u043e\u0438\u0442. \u0415\u0441\u0442\u0435\u0441\u0442\u0432\u0435\u043d\u043d\u043e, \u043a\u043e\u0434 \u0443\u0441\u043f\u0435\u043b\u0438 \u0443\u0432\u0438\u0434\u0435\u0442\u044c \u043d\u0435 \u0442\u043e\u043b\u044c\u043a\u043e \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u0438\u0441\u0442\u044b \u043f\u043e \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438, \u043d\u043e \u0438 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438.\n\n\u0421\u0430\u043c\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c Spring4Shell \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u043d\u0435\u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0439 \u0434\u0435\u0441\u0435\u0440\u0438\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0435\u0439 \u043f\u0435\u0440\u0435\u0434\u0430\u043d\u043d\u044b\u0445 \u0430\u0440\u0433\u0443\u043c\u0435\u043d\u0442\u043e\u0432. \u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 Spring Core \u0432 Java Development Kit (JDK) \u0432\u0435\u0440\u0441\u0438\u0438 9 \u0438 \u0431\u043e\u043b\u0435\u0435 \u043f\u043e\u0437\u0434\u043d\u0438\u0445. \u0422\u0430\u043a\u0436\u0435 \u044f\u0432\u043b\u044f\u0435\u0442\u0441\u044f \u043e\u0431\u0445\u043e\u0434\u043e\u043c \u0434\u0440\u0443\u0433\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u043c\u043e\u0439 \u043a\u0430\u043a CVE-2010-1622. \u041f\u043e\u0441\u043b\u0435\u0434\u043d\u044f\u044f \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443, \u043d\u0435 \u043f\u0440\u043e\u0448\u0435\u0434\u0448\u0435\u043c\u0443 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0443 \u043f\u043e\u0434\u043b\u0438\u043d\u043d\u043e\u0441\u0442\u0438, \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434 \u0432 \u0446\u0435\u043b\u0435\u0432\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u0435.\n\n\u041f\u043e\u043c\u0438\u043c\u043e \u0434\u0440\u0443\u0433\u0438\u0445 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2022-22963. \u041e\u043d\u0430 \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441\u043e Spring Cloud Function 3.1.6, 3.2.2 \u0438 \u0431\u043e\u043b\u0435\u0435 \u0441\u0442\u0430\u0440\u044b\u043c\u0438, \u043d\u0435 \u043f\u043e\u0434\u0434\u0435\u0440\u0436\u0438\u0432\u0430\u0435\u043c\u044b\u0445 \u0432\u0435\u0440\u0441\u0438\u044f\u043c\u0438. \u041f\u0440\u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0438 \u0444\u0443\u043d\u043a\u0446\u0438\u0438 \u043c\u0430\u0440\u0448\u0440\u0443\u0442\u0438\u0437\u0430\u0446\u0438\u0438 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044c \u043c\u043e\u0436\u0435\u0442 \u043f\u0440\u0435\u0434\u043e\u0441\u0442\u0430\u0432\u0438\u0442\u044c \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u044b\u0439 SpEL \u0432 \u043a\u0430\u0447\u0435\u0441\u0442\u0432\u0435 \u0432\u044b\u0440\u0430\u0436\u0435\u043d\u0438\u044f \u043c\u0430\u0440\u0448\u0440\u0443\u0442\u0438\u0437\u0430\u0446\u0438\u0438. \u041e\u043d \u043c\u043e\u0436\u0435\u0442 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u043c\u0443 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044e \u043a\u043e\u0434\u0430 \u0438 \u0434\u043e\u0441\u0442\u0443\u043f\u0443 \u043a \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u044b\u043c \u0440\u0435\u0441\u0443\u0440\u0441\u0430\u043c.\n\n\u041b\u0438\u0448\u044c \u0437\u0430 \u043f\u0440\u043e\u0448\u0435\u0434\u0448\u0438\u0435 \u0432\u044b\u0445\u043e\u0434\u043d\u044b\u0435 \u0431\u044b\u043b\u043e \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043e \u043e\u043a\u043e\u043b\u043e 37000 \u0430\u0442\u0430\u043a \u0441 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 Spring4Shell. \u0422\u0430\u043a\u0436\u0435 16% \u043e\u0440\u0433\u0430\u043d\u0438\u0437\u0430\u0446\u0438\u0439 \u0432\u043e \u0432\u0441\u0435\u043c \u043c\u0438\u0440\u0435 \u043f\u043e\u0441\u0442\u0440\u0430\u0434\u0430\u043b\u0438 \u043e\u0442 \u043f\u043e\u043f\u044b\u0442\u043e\u043a \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438. \u041f\u043e\u043d\u0435\u0441\u043b\u0438 \u0443\u0449\u0435\u0440\u0431 28% \u043e\u0440\u0433\u0430\u043d\u0438\u0437\u0430\u0446\u0438\u0439 \u043f\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u044e\u0449\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0435 \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u0435. \n\n\u041f\u0440\u043e\u0431\u043b\u0435\u043c\u044b \u0441 RCE \u0440\u0435\u0448\u0438\u043b\u0438\u0441\u044c \u0432 \u0432\u0435\u0440\u0441\u0438\u044f\u0445 Spring Framework 5.3.18 \u0438 5.2.20, \u0438 Spring Boot 2.5.12 \u0438 2.6.6. \u041e\u0434\u043d\u0430\u043a\u043e \u0431\u044b\u0432\u0430\u044e\u0442 \u0441\u043b\u0443\u0447\u0430\u0438, \u043a\u043e\u0433\u0434\u0430 \u043d\u0435\u0442 \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u0438 \u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c \u0444\u0440\u0435\u0439\u043c\u0432\u043e\u0440\u043a. \u041f\u043e\u044d\u0442\u043e\u043c\u0443 Spring \u043d\u0430 \u0441\u0432\u043e\u0451\u043c \u043e\u0444\u0438\u0446\u0438\u0430\u043b\u044c\u043d\u043e\u043c \u0441\u0430\u0439\u0442\u0435 \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043b\u0438 \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u043e \u0432\u0430\u0440\u0438\u0430\u043d\u0442\u043e\u0432 \u0432\u0440\u0435\u043c\u0435\u043d\u043d\u043e\u0433\u043e \u0440\u0435\u0448\u0435\u043d\u0438\u044f \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u044b.\n@NeKaspersky", "creation_timestamp": "2022-04-07T18:37:27.000000Z"}, {"uuid": "77e05f0d-dcbe-474b-a0ae-2d363c7822de", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22963", "type": "seen", "source": "https://t.me/true_secator/2830", "content": "Trend Micro \u043e\u0444\u0438\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u043f\u043e\u0434\u0442\u0432\u0435\u0440\u0434\u0438\u043b\u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 Spring4Shell \u0431\u043e\u0442\u043d\u0435\u0442\u043e\u043c Mirai. \u041f\u0435\u0440\u0432\u044b\u043c\u0438 \u0430\u0442\u0430\u043a\u0438 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u0438 \u043a\u0438\u0442\u0430\u0439\u0441\u043a\u0438\u0435 \u043a\u043e\u043b\u043b\u0435\u0433\u0438 \u0438\u0437 Qihoo 360.\n\n\u0412 \u044d\u0442\u043e\u043c \u043f\u043b\u0430\u043d\u0435 \u043e\u043f\u0435\u0440\u0430\u0442\u043e\u0440\u044b \u0431\u043e\u0442\u043d\u0435\u0442\u0430 Mirai \u0434\u0435\u0439\u0441\u0442\u0432\u0443\u044e\u0442 \u0432\u0435\u0441\u044c\u043c\u0430 \u043e\u043f\u0435\u0440\u0430\u0442\u0438\u0432\u043d\u043e, \u0434\u043e\u0431\u0430\u0432\u043b\u044f\u044f \u0441\u0432\u0435\u0436\u0438\u0435 CVE \u0432 \u0441\u0432\u043e\u0439 \u0430\u0440\u0441\u0435\u043d\u0430\u043b \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u043e\u0432, \u043a\u0430\u043a \u044d\u0442\u043e \u0431\u044b\u043b\u043e \u0440\u0430\u043d\u0435\u0435 \u0441 Log4Shell.\n\n\u0420\u0435\u0447\u044c \u0438\u0434\u0435\u0442 \u043e \u0434\u0432\u0443\u0445 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044f\u0445 CVE-2022-22965 \u0438 CVE-2022-22963 \u0432 \u043f\u043e\u043f\u0443\u043b\u044f\u0440\u043d\u043e\u0439 \u0441\u0440\u0435\u0434\u0435 \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u043a\u0438 Java-\u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u0439 Spring, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043c\u043e\u0433\u0443\u0442 \u0431\u044b\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u044b \u0434\u043b\u044f \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043a\u043e\u0434\u0430. \n\n\u041a\u0430\u0441\u0430\u0435\u043c\u043e Mirai \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u043d\u0430\u0431\u043b\u044e\u0434\u0430\u043b\u0438 \u0430\u043a\u0442\u0438\u0432\u043d\u043e\u0435 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 Spring4Shell, \u043a\u043e\u0433\u0434\u0430 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u0437\u0430\u0433\u0440\u0443\u0436\u0430\u043b\u0438 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0435 \u041f\u041e Mirai \u0432 \u043d\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0445 \u0441\u0435\u0440\u0432\u0435\u0440\u0430\u0445, \u043e\u0441\u043e\u0431\u0435\u043d\u043d\u043e \u0432 \u0440\u0435\u0433\u0438\u043e\u043d\u0435 \u0421\u0438\u043d\u0433\u0430\u043f\u0443\u0440\u0430. \u041e\u0431\u0440\u0430\u0437\u0435\u0446 \u0437\u0430\u0433\u0440\u0443\u0436\u0430\u043b\u0441\u044f \u0432 \u043f\u0430\u043f\u043a\u0443 \u00ab/tmp\u00bb \u0438 \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u043b\u0441\u044f \u0441\u0440\u0430\u0437\u0443 \u043f\u043e\u0441\u043b\u0435 \u0434\u043e\u0431\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u043e\u0433\u043e \u0440\u0430\u0437\u0440\u0435\u0448\u0435\u043d\u0438\u044f \u0434\u043b\u044f \u0435\u0433\u043e \u0438\u0441\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u00abchmod\u00bb.\n\n\u041d\u0435\u0441\u043c\u043e\u0442\u0440\u044f \u043d\u043e \u0442\u043e, \u0447\u0442\u043e Spring4Shell \u043d\u0435 \u0442\u0430\u043a \u0448\u0438\u0440\u043e\u043a\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u043c\u0430, \u043a\u0430\u043a Log4Shell, \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432\u0441\u0435 \u0436\u0435 \u043f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u043c\u043e\u0436\u0435\u0442 \u0437\u0430\u0442\u0440\u043e\u043d\u0443\u0442 \u043c\u043d\u043e\u0433\u0438\u0445, \u043f\u043e\u044d\u0442\u043e\u043c\u0443 \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u0438\u0441\u0442\u044b \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u044e\u0442 \u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u044c \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u044f\u043c \u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b\u0435 \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442\u044b \u0434\u043b\u044f \u0437\u0430\u0449\u0438\u0442\u044b \u0441\u0438\u0441\u0442\u0435\u043c, \u043f\u043e\u043a\u0430 \u043f\u043e\u0441\u0442\u0430\u0432\u0449\u0438\u043a\u0438 \u041f\u041e \u043e\u0446\u0435\u043d\u0438\u0432\u0430\u044e\u0442 \u0441\u0442\u0435\u043f\u0435\u043d\u044c \u0432\u043b\u0438\u044f\u043d\u0438\u044f Spring4Shell\u00a0\u043d\u0430 \u0441\u0432\u043e\u0438 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u044b \u0438 \u0433\u043e\u0442\u043e\u0432\u044f\u0442 \u0441\u043e\u043e\u0442\u0432\u0435\u0442\u0441\u0442\u0432\u0443\u044e\u0449\u0438\u0435 \u043f\u0430\u0442\u0447\u0438.", "creation_timestamp": "2022-04-11T13:47:47.000000Z"}, {"uuid": "a33629a1-74b1-4928-ab75-321a8b07e74f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22963", "type": "exploited", "source": "https://t.me/true_secator/2816", "content": "\u0415\u0441\u043b\u0438 \u043c\u044b \u043e\u0431\u044b\u0447\u043d\u043e \u043f\u0440\u0438\u0434\u0435\u0440\u0436\u0438\u0432\u0430\u043b\u0438\u0441\u044c \u043f\u0440\u0430\u0432\u0438\u043b\u0430 \u0437\u043e\u043b\u043e\u0442\u044b\u0445 72 \u0447\u0430\u0441\u043e\u0432, \u0442\u043e \u0441\u043b\u0443\u0447\u0430\u0435 \u0441\u043e Spring4Shell \u043e\u0431 \u044d\u0442\u043e\u043c \u043e\u043f\u0440\u0435\u0434\u0435\u043b\u0435\u043d\u043d\u043e \u0441\u0442\u043e\u0438\u0442 \u0437\u0430\u0431\u044b\u0442\u044c.\n\u00a0\n\u041f\u043e\u043f\u044b\u0442\u043a\u0438 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0431\u044b\u043b\u0438 \u043f\u0440\u0435\u0434\u043f\u0440\u0438\u043d\u044f\u0442\u044b \u0432 \u043f\u0435\u0440\u0432\u044b\u0435 \u0436\u0435 \u0434\u043d\u0438 \u0441\u0440\u0430\u0437\u0443 \u043f\u043e\u0441\u043b\u0435 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0438\u044f \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 RCE, \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u043c\u043e\u0439 \u043a\u0430\u043a CVE-2022-22965. \u0415\u0449\u0435 \u0434\u043e \u0442\u043e\u0433\u043e, \u043a\u0430\u043a\u00a0\u0431\u044b\u043b\u0438 \u0432\u044b\u043f\u0443\u0449\u0435\u043d\u044b \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f.\n\u00a0\n\u0415\u0449\u0435 \u043e\u0434\u043d\u0438\u043c \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u043c \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043a\u043e\u043c \u044f\u0432\u043b\u044f\u0435\u0442\u0441\u044f CVE-2022-22963, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0432\u043b\u0438\u044f\u0435\u0442 \u043d\u0430 \u0444\u0443\u043d\u043a\u0446\u0438\u044e Spring Cloud, \u0430 \u0442\u0430\u043a\u0436\u0435 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u043a\u043e\u0434.\u00a0\u0422\u0440\u0435\u0442\u044c\u0435\u0439 \u0434\u044b\u0440\u043e\u0439 \u0432 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u044f\u0432\u043b\u044f\u0435\u0442\u0441\u044f CVE-2022-22950, DoS-\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0441\u0440\u0435\u0434\u043d\u0435\u0439 \u0441\u0442\u0435\u043f\u0435\u043d\u0438 \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438.\n\u00a0\n\u0421\u043e\u0433\u043b\u0430\u0441\u043d\u043e \u0434\u0430\u043d\u043d\u044b\u043c \u0442\u0435\u043b\u0435\u043c\u0435\u0442\u0440\u0438\u0438 Check Point, \u0442\u043e\u043b\u044c\u043a\u043e \u0437\u0430 \u043f\u0440\u043e\u0448\u0435\u0434\u0448\u0438\u0435 \u0432\u044b\u0445\u043e\u0434\u043d\u044b\u0435 \u0431\u044b\u043b\u043e \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043e 37 000 \u0430\u0442\u0430\u043a Spring4Shell. \u041f\u0440\u0438 \u044d\u0442\u043e\u043c \u043f\u043e\u0447\u0442\u0438 \u043a\u0430\u0436\u0434\u0430\u044f \u0448\u0435\u0441\u0442\u0430\u044f \u043e\u0440\u0433\u0430\u043d\u0438\u0437\u0430\u0446\u0438\u044f \u0432\u043e \u0432\u0441\u0435\u043c \u043c\u0438\u0440\u0435, \u0437\u0430\u0442\u0440\u043e\u043d\u0443\u0442\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c\u044e \u043d\u0443\u043b\u0435\u0432\u043e\u0433\u043e \u0434\u043d\u044f Spring4Shell, \u0443\u0436\u0435 \u0441\u0442\u0430\u043b\u0430 \u043c\u0438\u0448\u0435\u043d\u044c\u044e \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u043e\u0432. \u041d\u0430 \u043f\u0435\u0440\u0432\u043e\u043c \u043c\u0435\u0441\u0442\u0435 \u043f\u043e \u0447\u0438\u0441\u043b\u0443 \u0436\u0435\u0440\u0442\u0432 - \u0415\u0432\u0440\u043e\u043f\u0430, \u043d\u0430 \u043a\u043e\u0442\u043e\u0440\u0443\u044e \u043f\u0440\u0438\u0445\u043e\u0434\u0438\u0442\u0441\u044f 20%. \n\u00a0\n\u041d\u0430\u0438\u0431\u043e\u043b\u0435\u0435 \u043f\u043e\u0441\u0442\u0440\u0430\u0434\u0430\u0432\u0448\u0438\u043c\u0438 \u043e\u043a\u0430\u0437\u0430\u043b\u0438\u0441\u044c \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a\u0438 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f, \u043d\u0430 \u0434\u043e\u043b\u044e \u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u043f\u0440\u0438\u0445\u043e\u0434\u0438\u0442\u0441\u044f 28% \u043e\u0442 \u043e\u0431\u0449\u0435\u0433\u043e \u0447\u0438\u0441\u043b\u0430 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u043e\u0432, \u043f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0438\u0437-\u0437\u0430 \u0442\u043e\u0433\u043e, \u0447\u0442\u043e \u043e\u043d\u0438 \u044f\u0432\u043b\u044f\u044e\u0442\u0441\u044f \u043e\u0442\u043b\u0438\u0447\u043d\u044b\u043c\u0438 \u0446\u0435\u043b\u044f\u043c\u0438 \u0434\u043b\u044f \u0430\u0442\u0430\u043a \u043d\u0430 \u0446\u0435\u043f\u043e\u0447\u043a\u0443 \u043f\u043e\u0441\u0442\u0430\u0432\u043e\u043a.\n\u00a0\n\u041f\u043e\u043a\u0430 \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a\u0438 \u043f\u043e\u0432\u0441\u0435\u043c\u0435\u0441\u0442\u043d\u043e \u0437\u0430\u043d\u044f\u0442\u044b \u043e\u0446\u0435\u043d\u043a\u043e\u0439 \u0432\u043b\u0438\u044f\u043d\u0438\u044f Spring4Shell \u043d\u0430 \u0441\u0432\u043e\u0438 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u044b, \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u043f\u0440\u0435\u0434\u043f\u0440\u0438\u043d\u0438\u043c\u0430\u044e\u0442 \u0430\u043a\u0442\u0438\u0432\u043d\u044b\u0435 \u043f\u043e\u043f\u044b\u0442\u043a\u0438 \u0432\u043e\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c\u0441\u044f \u0441\u0443\u0449\u0435\u0441\u0442\u0432\u0443\u044e\u0449\u0438\u043c\u0438 \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u044f\u043c\u0438 RCE \u0432 \u043e\u0442\u043d\u043e\u0448\u0435\u043d\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u043f\u043e\u043b\u043d\u044b\u043c \u0445\u043e\u0434\u043e\u043c. \u041a \u043d\u0430\u0441\u0442\u043e\u044f\u0449\u0435\u043c\u0443 \u043c\u043e\u043c\u0435\u043d\u0442\u0443 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u044b \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b \u043a\u0430\u043a \u0434\u043b\u044f Spring4Shell, \u0442\u0430\u043a \u0438 \u0434\u043b\u044f CVE-2022-22963.\n\u00a0\n\u041f\u043e\u0441\u0442\u0430\u0432\u0449\u0438\u043a\u00a0\u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u00a0\u0432\u0435\u0440\u0441\u0438\u0438 Spring Framework 5.3.18 \u0438 5.2.20, \u0430 \u0442\u0430\u043a\u0436\u0435 Spring Boot 2.5.12, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0443\u0441\u043f\u0435\u0448\u043d\u043e \u0440\u0435\u0448\u0430\u044e\u0442 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0443 RCE, \u0430\u00a0\u0442\u0430\u043a\u0436\u0435 \u043c\u0435\u0440\u044b \u043f\u043e \u0441\u043c\u044f\u0433\u0447\u0435\u043d\u0438\u044e.\u00a0\u041f\u043e\u044d\u0442\u043e\u043c\u0443 \u043d\u0430\u0441\u0442\u043e\u044f\u0442\u0435\u043b\u044c\u043d\u043e \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u0434\u043e \u044d\u0442\u0438\u0445 \u0432\u0435\u0440\u0441\u0438\u0439 \u0438\u043b\u0438 \u0431\u043e\u043b\u0435\u0435 \u043f\u043e\u0437\u0434\u043d\u0438\u0445 \u0432\u0435\u0440\u0441\u0438\u0439, \u043d\u0435 \u0437\u0430\u0431\u044b\u0432\u0430\u044f \u043f\u0440\u0438 \u044d\u0442\u043e\u043c \u043e CVE-2022-22963 \u0438 CVE-2022-22947 \u0432 Spring Cloud Function \u0438 Spring Cloud Gateway.", "creation_timestamp": "2022-04-06T20:32:36.000000Z"}, {"uuid": "2dfd9a3b-7bc1-4f71-9c47-ab69db414a38", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22963", "type": "published-proof-of-concept", "source": "https://t.me/reconshell/1244", "content": "Spring4Shell and Spring Cloud RCE vulnerability Scanner\n\n#RCE #payloads #vulnerabilities #Spring4Shell #CVE-2022-22963\n#AttackSurfaceDiscovery #SpringCloud #vulnerability #Scanner\n#BugBounty #Hacking #security #Fuzzing #Exploit #Proxy #WAF\n\nhttps://reconshell.com/spring4shell-and-spring-cloud-rce-vulnerability-scanner/", "creation_timestamp": "2022-04-11T20:48:01.000000Z"}, {"uuid": "f2e58274-2be3-4a33-9020-c82a87071d5d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22963", "type": "published-proof-of-concept", "source": "https://t.me/intelexch/11398", "content": "https://github.com/darryk10/CVE-2022-22963", "creation_timestamp": "2022-03-31T14:14:34.000000Z"}, {"uuid": "3ad079b5-2f76-4a1b-9265-6b67809915a8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22963", "type": "exploited", "source": "https://t.me/true_secator/2793", "content": "\u200b\u200b\u0412\u0441\u0442\u0440\u0435\u0447\u0430\u0439\u0442\u0435, Spring4Shell. \u041f\u0440\u0430\u0432\u0434\u0430, \u0435\u0441\u043b\u0438 \u0441\u0440\u0430\u0432\u043d\u0438\u0432\u0430\u0442\u044c \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043d\u0443\u044e RCE \u0432 Java Spring Framework \u0441 Log4Shell, \u044d\u0444\u0444\u0435\u043a\u0442 \u043a\u043e\u0442\u043e\u0440\u043e\u0439 \u043c\u043e\u0436\u043d\u043e \u043d\u0430\u0437\u0432\u0430\u0442\u044c \u0431\u043e\u043c\u0431\u043e\u0439, \u0442\u043e \u043d\u043e\u0432\u0430\u044f 0-Day \u0441\u043a\u043e\u0440\u0435\u0435 \u0432\u0441\u0435\u0433\u043e \u043d\u0430 \u044d\u0442\u043e\u043c \u0444\u043e\u043d\u0435 \u0431\u0443\u0434\u0435\u0442 \u0432\u044b\u0433\u043b\u044f\u0434\u0435\u0442\u044c \u043a\u0430\u043a \u0441\u0432\u044f\u0437\u043a\u0430 \u043f\u0435\u0442\u0430\u0440\u0434.\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043a\u043e\u0434\u0430 \u0431\u044b\u043b\u0430 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0430 \u0432 \u0441\u0440\u0435\u0434\u0435 Spring \u0432\u0441\u043a\u043e\u0440\u0435 \u043f\u043e\u0441\u043b\u0435 \u0442\u043e\u0433\u043e, \u043a\u0430\u043a \u043d\u0435\u043a\u0438\u0439 \u043a\u0438\u0442\u0430\u0439\u0441\u043a\u0438\u0439 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044c, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b \u043d\u0430 GitHub\u00a0\u0441\u043e\u043e\u0442\u0432\u0435\u0442\u0441\u0442\u0432\u0443\u044e\u0449\u0438\u0439 PoC, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0432\u0441\u043a\u043e\u0440\u0435 \u043f\u043e\u0441\u043b\u0435 \u044d\u0442\u043e\u0433\u043e \u0443\u0434\u0430\u043b\u0438\u043b \u0432\u043c\u0435\u0441\u0442\u0435 \u0441\u043e \u0441\u0432\u043e\u0438\u043c\u0438 \u0430\u043a\u043a\u0430\u0443\u043d\u0442\u0430\u043c\u0438.\n\nSpring - \u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u043e \u043f\u043e\u043f\u0443\u043b\u044f\u0440\u043d\u0430\u044f \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u0430 \u0434\u043b\u044f \u0441\u043e\u0437\u0434\u0430\u043d\u0438\u044f \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u0439 \u043d\u0430 \u043e\u0441\u043d\u043e\u0432\u0435 Java EE (Enterprise Edition), \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0431\u044b\u0441\u0442\u0440\u043e \u0438 \u043b\u0435\u0433\u043a\u043e \u0438\u0445 \u0440\u0430\u0437\u0440\u0430\u0431\u0430\u0442\u044b\u0432\u0430\u0442\u044c, \u0430 \u0437\u0430\u0442\u0435\u043c \u0438  \u0440\u0430\u0437\u0432\u043e\u0440\u0430\u0447\u0438\u0432\u0430\u0442\u044c \u043d\u0430 \u0441\u0435\u0440\u0432\u0435\u0440\u0430\u0445, \u0432 \u0442\u043e\u043c \u0447\u0438\u0441\u043b\u0435 Apache Tomcat, \u0432 \u0432\u0438\u0434\u0435 \u0430\u0432\u0442\u043e\u043d\u043e\u043c\u043d\u044b\u0445 \u043f\u0430\u043a\u0435\u0442\u043e\u0432 \u0441\u043e \u0432\u0441\u0435\u043c\u0438 \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u044b\u043c\u0438 \u0437\u0430\u0432\u0438\u0441\u0438\u043c\u043e\u0441\u0442\u044f\u043c\u0438.\n\n\u041f\u043e \u0434\u0430\u043d\u043d\u044b\u043c Praetorian, \u043d\u0435\u043f\u0440\u043e\u043f\u0430\u0442\u0447\u0435\u043d\u043d\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 Spring Core \u0432 Java Development Kit (JDK) \u0432\u0435\u0440\u0441\u0438\u0438 9 \u0438 \u0431\u043e\u043b\u0435\u0435 \u043f\u043e\u0437\u0434\u043d\u0438\u0445 \u0438 \u044f\u0432\u043b\u044f\u0435\u0442\u0441\u044f \u043e\u0431\u0445\u043e\u0434\u043e\u043c \u0434\u0440\u0443\u0433\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u043c\u043e\u0439 \u043a\u0430\u043a\u00a0CVE-2010-1622, \u0447\u0442\u043e \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443, \u043d\u0435 \u043f\u0440\u043e\u0448\u0435\u0434\u0448\u0435\u043c\u0443 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0443 \u043f\u043e\u0434\u043b\u0438\u043d\u043d\u043e\u0441\u0442\u0438, \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434 \u0432 \u0446\u0435\u043b\u0435\u0432\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u0435.  \n\n\u0414\u043e\u043f\u043e\u043b\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u0435 \u0441\u0432\u0435\u0434\u0435\u043d\u0438\u044f \u043e \u043d\u043e\u0432\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043d\u0435 \u0440\u0430\u0437\u0433\u043b\u0430\u0448\u0430\u044e\u0442\u0441\u044f, \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u0438\u0441\u0442\u044b \u043f\u043e \u043f\u043e\u0434\u0434\u0435\u0440\u0436\u043a\u0435 \u0444\u0440\u0435\u0439\u043c\u0432\u043e\u0440\u043a\u0430 Spring.io, \u0434\u043e\u0447\u0435\u0440\u043d\u044f\u044f \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u044f VMware, \u0432\u043e\u0432\u0441\u044e \u0440\u0430\u0431\u043e\u0442\u0430\u044e\u0442 \u043d\u0430\u0434 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435\u043c.\u00a0\n\n\u041d\u043e\u0432\u0430\u044f \u0431\u0430\u0433\u0430 \u043e\u0442\u043b\u0438\u0447\u0430\u0435\u0442\u0441\u044f \u043e\u0442 \u0434\u0432\u0443\u0445 \u043f\u0440\u0435\u0434\u044b\u0434\u0443\u0449\u0438\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439, \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u044b\u0445 \u0432 \u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u0435 \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u044f \u043d\u0430 \u044d\u0442\u043e\u0439 \u043d\u0435\u0434\u0435\u043b\u0435, \u0432\u043a\u043b\u044e\u0447\u0430\u044f DoS-\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432\u044b\u0440\u0430\u0436\u0435\u043d\u0438\u0439 Spring Framework (CVE-2022-22950) \u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u043a \u0440\u0435\u0441\u0443\u0440\u0441\u0430\u043c \u0432\u044b\u0440\u0430\u0436\u0435\u043d\u0438\u0439 Spring Cloud (CVE-2022-22963). Spring RCE \u0432\u044b\u0437\u0432\u0430\u043d\u0430 \u043d\u0435\u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0439 \u0434\u0435\u0441\u0435\u0440\u0438\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0435\u0439 \u043f\u0435\u0440\u0435\u0434\u0430\u043d\u043d\u044b\u0445 \u0430\u0440\u0433\u0443\u043c\u0435\u043d\u0442\u043e\u0432.\n\nPraetorian \u0442\u0430\u043a\u0436\u0435 \u043f\u043e\u0434\u0442\u0432\u0435\u0440\u0434\u0438\u043b\u0430, \u0447\u0442\u043e \u043e\u0448\u0438\u0431\u043a\u0430 \u0437\u0430\u0432\u0438\u0441\u0438\u0442 \u043e\u0442 \u043e\u043f\u0440\u0435\u0434\u0435\u043b\u0435\u043d\u043d\u044b\u0445 \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u0439 \u0434\u043b\u044f \u043f\u0440\u0430\u0432\u0438\u043b\u044c\u043d\u043e\u0433\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u044f. \u0414\u043b\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0442\u0440\u0435\u0431\u0443\u0435\u0442\u0441\u044f \u043a\u043e\u043d\u0435\u0447\u043d\u0430\u044f \u0442\u043e\u0447\u043a\u0430 \u0441 \u0432\u043a\u043b\u044e\u0447\u0435\u043d\u043d\u044b\u043c DataBinder (\u043d\u0430\u043f\u0440\u0438\u043c\u0435\u0440, \u0437\u0430\u043f\u0440\u043e\u0441 POST, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0430\u0432\u0442\u043e\u043c\u0430\u0442\u0438\u0447\u0435\u0441\u043a\u0438 \u0434\u0435\u043a\u043e\u0434\u0438\u0440\u0443\u0435\u0442 \u0434\u0430\u043d\u043d\u044b\u0435 \u0438\u0437 \u0442\u0435\u043b\u0430 \u0437\u0430\u043f\u0440\u043e\u0441\u0430) \u0438 \u0441\u0438\u043b\u044c\u043d\u043e \u0437\u0430\u0432\u0438\u0441\u0438\u0442 \u043e\u0442 \u043a\u043e\u043d\u0442\u0435\u0439\u043d\u0435\u0440\u0430 \u0441\u0435\u0440\u0432\u043b\u0435\u0442\u043e\u0432 \u0434\u043b\u044f \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u044f. \n\n\u041d\u0430\u043f\u0440\u0438\u043c\u0435\u0440, \u043a\u043e\u0433\u0434\u0430 Spring \u0440\u0430\u0437\u0432\u0435\u0440\u043d\u0443\u0442 \u043d\u0430 Apache Tomcat, \u0434\u043e\u0441\u0442\u0443\u043f\u0435\u043d WebAppClassLoader, \u0447\u0442\u043e \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u0432\u044b\u0437\u044b\u0432\u0430\u0442\u044c \u0433\u0435\u0442\u0442\u0435\u0440\u044b \u0438 \u0441\u0435\u0442\u0442\u0435\u0440\u044b, \u0447\u0442\u043e\u0431\u044b \u0432 \u043a\u043e\u043d\u0435\u0447\u043d\u043e\u043c \u0438\u0442\u043e\u0433\u0435 \u0437\u0430\u043f\u0438\u0441\u0430\u0442\u044c \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0439 JSP-\u0444\u0430\u0439\u043b \u043d\u0430 \u0434\u0438\u0441\u043a. \u041e\u0434\u043d\u0430\u043a\u043e, \u0435\u0441\u043b\u0438 Spring \u0440\u0430\u0437\u0432\u0435\u0440\u043d\u0443\u0442 \u0441 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435\u043c \u0432\u0441\u0442\u0440\u043e\u0435\u043d\u043d\u043e\u0433\u043e \u043a\u043e\u043d\u0442\u0435\u0439\u043d\u0435\u0440\u0430 \u0441\u0435\u0440\u0432\u043b\u0435\u0442\u043e\u0432 Tomcat, \u0437\u0430\u0433\u0440\u0443\u0437\u0447\u0438\u043a \u043a\u043b\u0430\u0441\u0441\u043e\u0432 \u2014 \u044d\u0442\u043e LaunchedURLClassLoader, \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u043a\u043e\u0442\u043e\u0440\u043e\u043c\u0443 \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d.\n\n\u0412 \u043d\u0435\u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u044f\u0445 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u044d\u0442\u043e\u0439 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u044b \u043f\u0440\u043e\u0441\u0442\u0430, \u043f\u043e\u0441\u043a\u043e\u043b\u044c\u043a\u0443 \u0434\u043b\u044f \u044d\u0442\u043e\u0433\u043e \u0442\u0440\u0435\u0431\u0443\u0435\u0442\u0441\u044f, \u0447\u0442\u043e\u0431\u044b \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u043e\u0442\u043f\u0440\u0430\u0432\u0438\u043b \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u044b\u0439 \u0437\u0430\u043f\u0440\u043e\u0441 POST \u0432 \u0443\u044f\u0437\u0432\u0438\u043c\u0443\u044e \u0441\u0438\u0441\u0442\u0435\u043c\u0443.\u00a0\n\n\u041f\u043e \u043c\u043d\u0435\u043d\u0438\u044e \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u0438\u0441\u0442\u043e\u0432 Flashpoint, \u043f\u0435\u0440\u0432\u043e\u043d\u0430\u0447\u0430\u043b\u044c\u043d\u044b\u0439 \u0430\u043d\u0430\u043b\u0438\u0437 \u043d\u043e\u0432\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043a\u043e\u0434\u0430 \u0432 Spring Core \u043f\u0440\u0435\u0434\u043f\u043e\u043b\u0430\u0433\u0430\u0435\u0442, \u0447\u0442\u043e \u0435\u0435 \u0432\u043b\u0438\u044f\u043d\u0438\u0435 \u043c\u043e\u0436\u0435\u0442 \u0431\u044b\u0442\u044c \u043d\u0435\u0441\u0435\u0440\u044c\u0435\u0437\u043d\u044b\u043c.\u00a0\u0414\u043b\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u043e \u0431\u0443\u0434\u0435\u0442 \u043d\u0430\u0439\u0442\u0438 \u0438 \u0438\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u044d\u043a\u0437\u0435\u043c\u043f\u043b\u044f\u0440\u044b \u0432\u0435\u0431-\u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u0439, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043d\u0430 \u0441\u0430\u043c\u043e\u043c \u0434\u0435\u043b\u0435 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442 DeserializationUtils.\n\n\u041a\u0440\u043e\u043c\u0435 \u0442\u043e\u0433\u043e, \u043d\u0435\u0441\u043c\u043e\u0442\u0440\u044f \u043d\u0430 \u043e\u0431\u0449\u0435\u0434\u043e\u0441\u0442\u0443\u043f\u043d\u043e\u0441\u0442\u044c \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u043e\u0432, Rapid7 \u0443\u0442\u0432\u0435\u0440\u0436\u0434\u0430\u044e\u0442, \u0447\u0442\u043e \u0432 \u043d\u0430\u0441\u0442\u043e\u044f\u0449\u0435\u0435 \u0432\u0440\u0435\u043c\u044f \u043d\u0435\u044f\u0441\u043d\u043e, \u043a\u0430\u043a\u0438\u0435 \u0440\u0435\u0430\u043b\u044c\u043d\u044b\u0435 \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u044f \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442 \u0443\u044f\u0437\u0432\u0438\u043c\u0443\u044e \u0444\u0443\u043d\u043a\u0446\u0438\u043e\u043d\u0430\u043b\u044c\u043d\u043e\u0441\u0442\u044c. ISAC \u0437\u0430\u044f\u0432\u0438\u043b\u0438, \u0447\u0442\u043e \u0435\u0449\u0435 \u043d\u0435 \u0437\u0430\u0432\u0435\u0440\u0448\u0438\u043b\u0438 \u0441\u0432\u043e\u0438 \u0442\u0435\u0441\u0442\u044b \u0438 \u043d\u0435 \u043c\u043e\u0433\u0443\u0442 \u043e\u0434\u043d\u043e\u0437\u043d\u0430\u0447\u043d\u043e \u043f\u043e\u0434\u0442\u0432\u0435\u0440\u0434\u0438\u0442\u044c \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0442\u0435\u043b\u044c\u043d\u043e\u0441\u0442\u044c PoC \u0434\u043b\u044f \u043e\u0448\u0438\u0431\u043a\u0438 RCE.\n\n\u0412\u043c\u0435\u0441\u0442\u0435 \u0441 \u0442\u0435\u043c, \u0441\u043e\u0433\u043b\u0430\u0441\u043d\u043e \u0437\u0430\u043a\u043b\u044e\u0447\u0435\u043d\u0438\u044e \u0430\u043d\u0430\u043b\u0438\u0442\u0438\u043a\u0430 \u0423\u0438\u043b\u043b\u0430 \u0414\u043e\u0440\u043c\u0430\u043d\u043d\u0430 \u0438\u0437 CERT/CC, \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442 Spring4Shell \u0432 \u0434\u0438\u043a\u043e\u0439 \u043f\u0440\u0438\u0440\u043e\u0434\u0435 \u0432\u0441\u0435 \u0436\u0435 \u0444\u0443\u043d\u043a\u0446\u0438\u043e\u043d\u0438\u0440\u0443\u0435\u0442 \u0438 \u0441\u0443\u0449\u0435\u0441\u0442\u0432\u0443\u044e\u0442 \u0440\u0435\u0430\u043b\u044c\u043d\u044b\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0435 \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u044f. \u0412\u043e\u043e\u0431\u0449\u0435, \u043f\u043e \u0434\u0430\u043d\u043d\u044b\u043c \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u043e\u0432 BleepingComputer, \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0441\u044f \u0432 \u0430\u0442\u0430\u043a\u0430\u0445.\n\n\u041f\u043e\u0441\u043a\u043e\u043b\u044c\u043a\u0443 \u0434\u043b\u044f \u044d\u0442\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 \u043d\u0430\u0441\u0442\u043e\u044f\u0449\u0435\u0435 \u0432\u0440\u0435\u043c\u044f \u043d\u0435\u0442 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f, \u043d\u0430\u0441\u0442\u043e\u044f\u0442\u0435\u043b\u044c\u043d\u043e \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u043a\u0430\u043a \u043c\u043e\u0436\u043d\u043e \u0441\u043a\u043e\u0440\u0435\u0435 \u0440\u0435\u0430\u043b\u0438\u0437\u043e\u0432\u0430\u0442\u044c \u043c\u0435\u0440\u044b \u043f\u043e \u0441\u043c\u044f\u0433\u0447\u0435\u043d\u0438\u044e \u0430\u0442\u0430\u043a, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u044b\u0445 \u0441 \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u0438\u044f\u043c\u0438 \u0444\u0443\u043d\u043a\u0446\u0438\u043e\u043d\u0430\u043b\u0430 Spring Core DataBinder.", "creation_timestamp": "2022-03-31T16:01:37.000000Z"}, {"uuid": "808aface-7252-444c-9f56-c446b77508ac", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22963", "type": "seen", "source": "https://t.me/cibsecurity/40025", "content": "\u203c CVE-2022-22963 \u203c\n\nIn Spring Cloud Function versions 3.1.6, 3.2.2 and older unsupported versions, when using routing functionality it is possible for a user to provide a specially crafted SpEL as a routing-expression that may result in remote code execution and access to local resources.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-04-02T02:19:59.000000Z"}, {"uuid": "5cd9897c-cbf2-4df8-8c49-8cda9cad14e3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22963", "type": "seen", "source": "https://t.me/DerechodelaRed/4030", "content": "\ud83d\udee1\u25b6\ufe0f Nuevo RCE en Java: Spring4Shell\n\nEntre el pasado 29 de marzo de 2022 y el d\u00eda de hoy se han dado a conocer dos nuevas vulnerabilidades que dan lugar a ejecuci\u00f3n remota de comandos: Spring4Shell y CVE-2022-22963. Adem\u00e1s, hay una tercera vulnerabilidad a\u00fan sin confirmar.\n\n\u25aa\ufe0f Spring4Shell: RCE confirmado en la librer\u00eda de Java Spring Core &lt;=5.3.17.\n\u25aa\ufe0f CVE-2022-22963: RCE confirmado en Spring Cloud Function &lt;=3.1.6 y &lt;=3.2.2.\n\u25aa\ufe0f La tercera vulnerabilidad, a\u00fan sin confirmar, se trata de un fallo en el proceso de deserializaci\u00f3n en Spring Core que podr\u00eda dar lugar tambi\u00e9n a ataques RCE.\n\nhttps://unaaldia.hispasec.com/2022/04/nuevo-rce-en-java-spring4shell.html\n\n\ud83d\udd0a t.me/derechodelared", "creation_timestamp": "2022-04-05T12:21:54.000000Z"}, {"uuid": "e96878cd-b22d-4a29-8903-cea2daf7f544", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22963", "type": "exploited", "source": "https://t.me/information_security_channel/47112", "content": "Spring4Shell Vulnerability Exploited by Mirai Botnet\nhttps://www.securityweek.com/spring4shell-vulnerability-exploited-mirai-botnet\n\nCybersecurity firm Trend Micro on Friday confirmed some earlier reports that the new Spring4Shell vulnerability has been exploited by the Mirai botnet.\nTwo critical vulnerabilities have been patched recently in the popular Java application development framework Spring: CVE-2022-22965 (aka Spring4Shell and SpringShell) and CVE-2022-22963.\nread more (https://www.securityweek.com/spring4shell-vulnerability-exploited-mirai-botnet)", "creation_timestamp": "2022-04-08T15:05:17.000000Z"}, {"uuid": "3f4bf1b8-877d-41f8-89b0-7213f05b2a0b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22963", "type": "published-proof-of-concept", "source": "https://t.me/BlueRedTeam/1867", "content": "#CVE-2022\n\nThis includes CVE-2022-22963, a Spring SpEL / Expression Resource Access Vulnerability, as well as CVE-2022-22965, the spring-webmvc/spring-webflux RCE termed \\\"SpringShell\\\".\n\nhttps://github.com/kh4sh3i/Spring-CVE\n\n@BlueRedTeam", "creation_timestamp": "2022-04-01T10:49:48.000000Z"}, {"uuid": "3b1ec080-1c78-4d93-923d-9cd778e86155", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22963", "type": "published-proof-of-concept", "source": "https://t.me/BlueRedTeam/1938", "content": "#CVE-2022\n\nspring-cloud / spring-cloud-function,spring.cloud.function.routing-expression,RCE,0day,0-day,POC,EXP,CVE-2022-22963\n\nhttps://github.com/hktalent/spring-spel-0day-poc\n\n@BlueRedTeam", "creation_timestamp": "2022-04-15T20:52:33.000000Z"}, {"uuid": "0006f3db-c0e7-46fe-868f-9f533b1e7215", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22963", "type": "published-proof-of-concept", "source": "https://t.me/BlueRedTeam/1877", "content": "#CVE-2022\n\nSpring Cloud Function Vulnerable Application / CVE-2022-22963\n\nhttps://github.com/me2nuk/CVE-2022-22963\n\n@BlueRedTeam", "creation_timestamp": "2022-06-18T14:55:41.000000Z"}, {"uuid": "97ad14d6-2abe-45af-b442-57faae8d1af7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22963", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/5711", "content": "#Threat_Research\nSpring4Shell (CVE-2022-22963):\nSpring Core RCE 0-day Vulnerability\nhttps://www.cyberkendra.com/2022/03/spring4shell-details-and-exploit-code.html\n]-&gt; Hardening: https://www.cyberkendra.com/2022/03/springshell-rce-0-day-vulnerability.html\n]-&gt; Repo: https://github.com/BobTheShoplifter/Spring4Shell-POC", "creation_timestamp": "2022-03-31T11:07:01.000000Z"}, {"uuid": "63a3be50-8a1b-42bc-b692-bfc1d55ff1cf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22963", "type": "published-proof-of-concept", "source": "https://t.me/CNArsenal/1418", "content": "https://github.com/sule01u/SBSCAN\nspring \u6e17\u900f\u6d4b\u8bd5\u6846\u67b6 \u652f\u6301\nCVE-2018-1273\nCVE-2019-3799\nCVE-2020-5410\nCVE-2022-22947\nCVE-2022-22963\nCVE-2022-22965\n\n#github #tools", "creation_timestamp": "2023-11-02T13:56:07.000000Z"}, {"uuid": "2ab644ab-077f-4714-85ed-f9b2f76d0a15", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22963", "type": "seen", "source": "https://t.me/CyberSecurityTechnologies/5786", "content": "#Analytics\nTop 10 Most Used Vulns of the Month (Mar 1-31)\n\nCVE-2022-1096 - Type Confusion in V8\nhttps://github.com/Maverick-cmd/Chrome-and-Edge-Version-Dumper\nCVE-2022-0847 - Dirty Pipe Vuln\nhttps://t.me/CyberSecurityTechnologies/5560\nCVE-2022-0778 - OpenSSL Illegal x.509 certificate construction\nhttps://t.me/CyberSecurityTechnologies/5692\nCVE-2022-0492 - Privilege escalation vuln causing container escape\nhttps://sysdig.com/blog/detecting-mitigating-cve-2022-0492-sysdig\nCVE-2022-22947 - Spring Cloud Gateway RCE\nhttps://t.me/CyberSecurityTechnologies/5554\nCVE-2022-22963 - Spring Core RCE\nhttps://t.me/CyberSecurityTechnologies/5711\nCVE-2022-25636 - net/netfilter/nf_dup_netdev.c in the Linux kernel &lt;5.6.10 allows local users to gain privileges because of a heap out-of-bounds write\nhttps://t.me/CyberSecurityTechnologies/5570\nCVE-2022-27254 - Vuln in Honda's Remote Keyless System\nhttps://github.com/nonamecoder/CVE-2022-27254\nCVE-2022-0609 - https://blog.google/threat-analysis-group/countering-threats-north-korea", "creation_timestamp": "2022-04-11T11:00:21.000000Z"}, {"uuid": "55315050-aac8-48f9-8e75-e17c5cdbe5ca", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22963", "type": "published-proof-of-concept", "source": "Telegram/YWFq1kO-0vBzxqojGeacVsj25iQkaFTGhDsSqxKGOTwD_A", "content": "", "creation_timestamp": "2022-04-04T18:21:14.000000Z"}, {"uuid": "fe671ec4-4e2f-4123-a530-43abb8b01d30", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22963", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/7956", "content": "#exploit\n1. CVE-2022-22963:\nVulnerability in the Spring Cloud Function Framework for Java that allows RCE\nhttps://github.com/J0ey17/CVE-2022-22963_Reverse-Shell-Exploit\n\n2. CVE-2023-0861:\nCommand Injection Vulnerability  in NetModule Routers\nhttps://github.com/seifallahhomrani1/CVE-2023-0861-POC", "creation_timestamp": "2023-03-19T13:41:00.000000Z"}, {"uuid": "42f0d4b9-1265-405c-a9bc-008a93f514d6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22963", "type": "published-proof-of-concept", "source": "Telegram/hMkE2PfNl9y0pgJJRDyurEwmJZXYDsszQ8x8spuf9FUuWGM", "content": "", "creation_timestamp": "2022-03-31T12:53:28.000000Z"}, {"uuid": "ba91e956-615f-4fd0-925f-fedd8462cde5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-22963", "type": "seen", "source": "Telegram/yfj8_Wf1r81ZM9XH5mmBYiYd4G1zdIl6xbgawa_XXGScCdQ", "content": "", "creation_timestamp": "2026-05-05T21:00:04.000000Z"}]}