Vulnerability feed

Vulnerability

CVE-2022-22947

Reference to the description:: https://nvd.nist.gov/vuln/detail/CVE-2022-22947
Description:: In spring cloud gateway versions prior to 3.1.1+ and 3.0.7+ , applications are vulnerable to a code injection attack when the Gateway Actuator endpoint is enabled, exposed and unsecured. A remote attacker could make a maliciously crafted request that could allow arbitrary remote execution on the remote host.
Last updated date:: 10/28/2022

Reports

alt

ACTIVELY EXPLOITED

Type:: exploitation
Confidence:: HIGH
Date of publishing:: 05/13/2022
Reference url to background: https://twitter.com/MsftSecIntel/status/1525158223514423303

Type:: exploitation
Confidence:: HIGH
Date of publishing:: 05/16/2022
Reference url to background: https://www.cisa.gov/known-exploited-vulnerabilities-catalog

Type:: exploitation
Confidence:: HIGH
Date of publishing:: 05/16/2022
Reference url to background: https://www.cisa.gov/known-exploited-vulnerabilities-catalog

Type:: exploit
Confidence:: HIGH
Date of publishing:: 03/02/2022
Reference url to background: https://github.com/lucksec/Spring-Cloud-Gateway-CVE-2022-22947

Type:: exploit
Confidence:: HIGH
Date of publishing:: 03/03/2022
Reference url to background: https://github.com/cgddgc/cve-2022-22947

Type:: exploit
Confidence:: HIGH
Date of publishing:: 03/03/2022
Reference url to background: https://github.com/shakeman8/CVE-2022-22947-RCE

Type:: exploit
Confidence:: HIGH
Date of publishing:: 03/03/2022
Reference url to background: https://github.com/Vulnmachines/spring-cve-2022-22947

Type:: exploit
Confidence:: HIGH
Date of publishing:: 03/03/2022
Reference url to background: https://github.com/Axx8/CVE-2022-22947_Rce_Exp

Type:: exploit
Confidence:: HIGH
Date of publishing:: 03/03/2022
Reference url to background: https://github.com/carlosevieira/CVE-2022-22947

Type:: exploit
Confidence:: HIGH
Date of publishing:: 03/03/2022
Reference url to background: https://github.com/crowsec-edtech/CVE-2022-22947

Type:: exploit
Confidence:: HIGH
Date of publishing:: 03/03/2022
Reference url to background: https://github.com/Tas9er/SpringCloudGatewayRCE

Type:: exploit
Confidence:: HIGH
Date of publishing:: 03/04/2022
Reference url to background: https://github.com/Greetdawn/CVE-2022-22947

Type:: exploit
Confidence:: HIGH
Date of publishing:: 03/04/2022
Reference url to background: https://github.com/helloexp/CVE-2022-22947

Type:: exploit
Confidence:: HIGH
Date of publishing:: 03/04/2022
Reference url to background: https://github.com/york-cmd/CVE-2022-22947-goby

Type:: exploit
Confidence:: HIGH
Date of publishing:: 03/04/2022
Reference url to background: https://github.com/tangxiaofeng7/CVE-2022-22947-Spring-Cloud-Gateway

Type:: exploit
Confidence:: HIGH
Date of publishing:: 03/04/2022
Reference url to background: https://github.com/dingxiao77/-cve-2022-22947-

Type:: exploit
Confidence:: HIGH
Date of publishing:: 03/04/2022
Reference url to background: https://github.com/nu0l/cve-2022-22947

Type:: exploit
Confidence:: HIGH
Date of publishing:: 03/04/2022
Reference url to background: https://github.com/chaosec2021/CVE-2022-22947-POC

Type:: exploit
Confidence:: HIGH
Date of publishing:: 03/04/2022
Reference url to background: https://github.com/Xd-tl/CVE-2022-22947-Rce_POC

Type:: exploit
Confidence:: HIGH
Date of publishing:: 03/04/2022
Reference url to background: https://github.com/hunzi0/CVE-2022-22947-Rce_POC

Type:: exploit
Confidence:: HIGH
Date of publishing:: 03/04/2022
Reference url to background: https://github.com/march0s1as/CVE-2022-22947

Type:: exploit
Confidence:: HIGH
Date of publishing:: 03/07/2022
Reference url to background: https://github.com/j-jasson/CVE-2022-22947-Spring-Cloud-Gateway-SpelRCE

Type:: exploit
Confidence:: HIGH
Date of publishing:: 03/07/2022
Reference url to background: https://github.com/YutuSec/SpEL

Type:: exploit
Confidence:: HIGH
Date of publishing:: 03/07/2022
Reference url to background: https://github.com/darkb1rd/cve-2022-22947

Type:: exploit
Confidence:: HIGH
Date of publishing:: 03/07/2022
Reference url to background: https://github.com/mrknow001/CVE-2022-22947

Type:: exploit
Confidence:: HIGH
Date of publishing:: 03/08/2022
Reference url to background: https://github.com/aodsec/CVE-2022-22947

Type:: exploit
Confidence:: HIGH
Date of publishing:: 03/10/2022
Reference url to background: https://github.com/An0th3r/CVE-2022-22947-exp

Type:: exploit
Confidence:: HIGH
Date of publishing:: 03/10/2022
Reference url to background: https://github.com/Arrnitage/CVE-2022-22947-exp

Type:: exploit
Confidence:: HIGH
Date of publishing:: 03/10/2022
Reference url to background: https://github.com/Arrnitage/CVE-2022-22947_exp

Type:: exploit
Confidence:: HIGH
Date of publishing:: 03/13/2022
Reference url to background: https://github.com/k3rwin/spring-cloud-gateway-rce

Type:: exploit
Confidence:: HIGH
Date of publishing:: 03/17/2022
Reference url to background: https://github.com/Wrin9/CVE-2022-22947

Type:: exploit
Confidence:: HIGH
Date of publishing:: 03/17/2022
Reference url to background: http://packetstormsecurity.com/files/166219/Spring-Cloud-Gateway-3.1.0-Remote-Code-Execution.html

Type:: exploit
Confidence:: HIGH
Date of publishing:: 03/18/2022
Reference url to background: https://github.com/viemsr/spring_cloud_gateway_memshell

Type:: exploit
Confidence:: HIGH
Date of publishing:: 03/21/2022
Reference url to background: https://github.com/Enokiy/cve-2022-22947-spring-cloud-gateway

Type:: exploit
Confidence:: HIGH
Date of publishing:: 03/30/2022
Reference url to background: https://github.com/sagaryadav8742/springcloudRCE

Type:: exploit
Confidence:: HIGH
Date of publishing:: 04/06/2022
Reference url to background: https://github.com/Ha0Liu/CVE-2022-22947

Type:: exploit
Confidence:: HIGH
Date of publishing:: 04/11/2022
Reference url to background: https://github.com/F6JO/Burp_VulPscan

Type:: exploit
Confidence:: HIGH
Date of publishing:: 04/15/2022
Reference url to background: https://github.com/twseptian/cve-2022-22947

Type:: exploit
Confidence:: HIGH
Date of publishing:: 04/26/2022
Reference url to background: https://github.com/whwlsfb/cve-2022-22947-godzilla-memshell

Type:: exploit
Confidence:: HIGH
Date of publishing:: 05/16/2022
Reference url to background: https://github.com/0730Nophone/CVE-2022-22947-

Type:: exploit
Confidence:: HIGH
Date of publishing:: 05/19/2022
Reference url to background: https://github.com/anansec/CVE-2022-22947_EXP

Type:: exploit
Confidence:: HIGH
Date of publishing:: 06/08/2022
Reference url to background: https://github.com/stayfoolish777/CVE-2022-22947-POC

Type:: exploit
Confidence:: HIGH
Date of publishing:: 06/25/2022
Reference url to background: https://github.com/B0rn2d/Spring-Cloud-Gateway-Nacos

Type:: exploit
Confidence:: HIGH
Date of publishing:: 08/03/2022
Reference url to background: https://github.com/LY613313/CVE-2022-22947

Type:: exploit
Confidence:: HIGH
Date of publishing:: 08/23/2022
Reference url to background: https://github.com/SiJiDo/CVE-2022-22947

Type:: exploit
Confidence:: HIGH
Date of publishing:: 10/12/2022
Reference url to background: https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/http/spring_cloud_gateway_rce.rb

Type:: exploit
Confidence:: HIGH
Date of publishing:: 10/28/2022
Reference url to background: http://packetstormsecurity.com/files/168742/Spring-Cloud-Gateway-3.1.0-Remote-Code-Execution.html

Type:: exploit
Confidence:: HIGH
Date of publishing:: 10/29/2022
Reference url to background: https://github.com/savior-only/CVE-2022-22947

Vulnerability Feed Contributors About Blog

@inTheWild

©2023 |