NOMISEC-Gotcha1G/CVE-2022-42889

NOMISEC SCANNER

Exploit for CVE-2022-42889 - Apache Commons Text < 1.10.0 - Code Injection

AI Analysis

This YAML file is a Nuclei template designed to detect CVE-2022-42889 (Text4Shell) by sending crafted requests to trigger a DNS interaction via an OGNL injection payload. It does not execute arbitrary commands but confirms vulnerability via DNS callbacks.

Attack Type

RCE

Complexity

trivial

Reliability

reliable

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1203 - Exploitation for Client Execution

Loading exploit code...

Download ZIP Password: eip

Source

Platform Nomisec

Type poc

Files 1

https://github.com/Gotcha1G/CVE-2022-42889

Stars 2

Forks 1

Last Push Nov 02, 2022

Authors

Gotcha1G Mrhacker404

Vulnerability

CVE-2022-42889

Apache Commons Text < 1.10.0 - Code Injection

CRITICAL

CVSS 9.8