BobTheShoplifter

CVE-2022-22965 NOMISEC CRITICAL WORKING POC

Spring Framework - Remote Code Execution via Data Binding

A Spring MVC or Spring WebFlux application running on JDK 9+ may be vulnerable to remote code execution (RCE) via data binding. The specific exploit requires the application to run on Tomcat as a WAR deployment. If the application is deployed as a Spring Boot executable jar, i.e. the default, it is not vulnerable to the exploit. However, the nature of the vulnerability is more general, and there may be other ways to exploit it.

374 stars

CVSS 9.8

View Code

CVE-2023-52251 NOMISEC HIGH WORKING POC

Kafka UI Unauthenticated Remote Command Execution via the Groovy Filter option.

An issue discovered in provectus kafka-ui 0.4.0 through 0.7.1 allows remote attackers to execute arbitrary code via the q parameter of /api/clusters/local/topics/{topic}/messages.

20 stars

CVSS 8.8

View Code

CVE-2021-45046 NOMISEC CRITICAL WRITEUP

Apache Log4j < 2.12.2 - Remote Code Execution

It was found that the fix to address CVE-2021-44228 in Apache Log4j 2.15.0 was incomplete in certain non-default configurations. This could allows attackers with control over Thread Context Map (MDC) input data when the logging configuration uses a non-default Pattern Layout with either a Context Lookup (for example, $${ctx:loginId}) or a Thread Context Map pattern (%X, %mdc, or %MDC) to craft malicious input data using a JNDI Lookup pattern resulting in an information leak and remote code execution in some environments and local code execution in all environments. Log4j 2.16.0 (Java 8) and 2.12.2 (Java 7) fix this issue by removing support for message lookup patterns and disabling JNDI functionality by default.

4 stars

CVSS 9.0

View Code

CVE-2022-22965 NOMISEC CRITICAL WORKING POC

Spring Framework - Remote Code Execution via Data Binding

A Spring MVC or Spring WebFlux application running on JDK 9+ may be vulnerable to remote code execution (RCE) via data binding. The specific exploit requires the application to run on Tomcat as a WAR deployment. If the application is deployed as a Spring Boot executable jar, i.e. the default, it is not vulnerable to the exploit. However, the nature of the vulnerability is more general, and there may be other ways to exploit it.

3 stars

CVSS 9.8

View Code

CVE-2022-22965 NOMISEC CRITICAL WORKING POC

Spring Framework - Remote Code Execution via Data Binding

A Spring MVC or Spring WebFlux application running on JDK 9+ may be vulnerable to remote code execution (RCE) via data binding. The specific exploit requires the application to run on Tomcat as a WAR deployment. If the application is deployed as a Spring Boot executable jar, i.e. the default, it is not vulnerable to the exploit. However, the nature of the vulnerability is more general, and there may be other ways to exploit it.

2 stars

CVSS 9.8

View Code

CVE-2022-22965 NOMISEC CRITICAL WORKING POC

Spring Framework - Remote Code Execution via Data Binding

A Spring MVC or Spring WebFlux application running on JDK 9+ may be vulnerable to remote code execution (RCE) via data binding. The specific exploit requires the application to run on Tomcat as a WAR deployment. If the application is deployed as a Spring Boot executable jar, i.e. the default, it is not vulnerable to the exploit. However, the nature of the vulnerability is more general, and there may be other ways to exploit it.

1 stars

CVSS 9.8

View Code

CVE-2022-22965 NOMISEC CRITICAL WORKING POC

Spring Framework - Remote Code Execution via Data Binding

A Spring MVC or Spring WebFlux application running on JDK 9+ may be vulnerable to remote code execution (RCE) via data binding. The specific exploit requires the application to run on Tomcat as a WAR deployment. If the application is deployed as a Spring Boot executable jar, i.e. the default, it is not vulnerable to the exploit. However, the nature of the vulnerability is more general, and there may be other ways to exploit it.

CVSS 9.8

View Code

CVE-2022-22965 NOMISEC CRITICAL WORKING POC

Spring Framework - Remote Code Execution via Data Binding

A Spring MVC or Spring WebFlux application running on JDK 9+ may be vulnerable to remote code execution (RCE) via data binding. The specific exploit requires the application to run on Tomcat as a WAR deployment. If the application is deployed as a Spring Boot executable jar, i.e. the default, it is not vulnerable to the exploit. However, the nature of the vulnerability is more general, and there may be other ways to exploit it.

CVSS 9.8

View Code

CVE-2022-22965 NOMISEC CRITICAL WORKING POC

Spring Framework - Remote Code Execution via Data Binding

A Spring MVC or Spring WebFlux application running on JDK 9+ may be vulnerable to remote code execution (RCE) via data binding. The specific exploit requires the application to run on Tomcat as a WAR deployment. If the application is deployed as a Spring Boot executable jar, i.e. the default, it is not vulnerable to the exploit. However, the nature of the vulnerability is more general, and there may be other ways to exploit it.

CVSS 9.8

View Code

CVE-2022-22965 NOMISEC CRITICAL WORKING POC

Spring Framework - Remote Code Execution via Data Binding

A Spring MVC or Spring WebFlux application running on JDK 9+ may be vulnerable to remote code execution (RCE) via data binding. The specific exploit requires the application to run on Tomcat as a WAR deployment. If the application is deployed as a Spring Boot executable jar, i.e. the default, it is not vulnerable to the exploit. However, the nature of the vulnerability is more general, and there may be other ways to exploit it.

CVSS 9.8

View Code

CVE-2022-22965 NOMISEC CRITICAL WORKING POC

Spring Framework - Remote Code Execution via Data Binding

A Spring MVC or Spring WebFlux application running on JDK 9+ may be vulnerable to remote code execution (RCE) via data binding. The specific exploit requires the application to run on Tomcat as a WAR deployment. If the application is deployed as a Spring Boot executable jar, i.e. the default, it is not vulnerable to the exploit. However, the nature of the vulnerability is more general, and there may be other ways to exploit it.

CVSS 9.8

View Code

CVE-2022-22966 NOMISEC HIGH WORKING POC

VMware Cloud Director 10.1.0-10.1.4.1 - Authenticated Remote Code Execution

An authenticated, high privileged malicious actor with network access to the VMware Cloud Director tenant or provider may be able to exploit a remote code execution vulnerability to gain access to the server.

CVSS 7.2

View Code

CVE-2022-22965 NOMISEC CRITICAL WORKING POC

Spring Framework - Remote Code Execution via Data Binding

A Spring MVC or Spring WebFlux application running on JDK 9+ may be vulnerable to remote code execution (RCE) via data binding. The specific exploit requires the application to run on Tomcat as a WAR deployment. If the application is deployed as a Spring Boot executable jar, i.e. the default, it is not vulnerable to the exploit. However, the nature of the vulnerability is more general, and there may be other ways to exploit it.

CVSS 9.8

View Code

CVE-2022-22965 VULNCHECK_XDB CRITICAL WORKING POC

Spring Framework - Remote Code Execution via Data Binding

A Spring MVC or Spring WebFlux application running on JDK 9+ may be vulnerable to remote code execution (RCE) via data binding. The specific exploit requires the application to run on Tomcat as a WAR deployment. If the application is deployed as a Spring Boot executable jar, i.e. the default, it is not vulnerable to the exploit. However, the nature of the vulnerability is more general, and there may be other ways to exploit it.

CVSS 9.8

View Code

CVE-2023-52251 METASPLOIT HIGH ruby WORKING POC

Kafka UI Unauthenticated Remote Command Execution via the Groovy Filter option.

An issue discovered in provectus kafka-ui 0.4.0 through 0.7.1 allows remote attackers to execute arbitrary code via the q parameter of /api/clusters/local/topics/{topic}/messages.

CVSS 8.8

View Code