NOMISEC-vickyaryan7/Text4shell-exploit

NOMISEC WORKING POC
Exploit for CVE-2022-42889 - Apache Commons Text < 1.10.0 - Code Injection
AI Analysis

This is a functional PoC exploit for CVE-2022-42889 (Text4Shell), targeting Apache Commons Text versions 1.5 through 1.9. It leverages string interpolation to execute arbitrary commands via a malicious payload, requiring netcat on the target system to establish a reverse shell.

Attack Type
RCE
Complexity
trivial
Reliability
reliable
MITRE ATT&CK
T1190 - Exploit Public-Facing Application T1059 - Command and Scripting Interpreter
Loading exploit code...
Download ZIP Password: eip
Source
Platform Nomisec
Type poc
Files 3
Stars 5
Forks 0
Last Push Nov 21, 2022
Authors
vickyaryan7 Vicky Aryan (@pwnb0y)
Vulnerability
CVE-2022-42889
Apache Commons Text < 1.10.0 - Code Injection
CRITICAL
CVSS 9.8