NOMISEC-shellfeel/CVE-2024-22243-CVE-2024-22234

NOMISEC WORKING POC

Exploit for CVE-2024-22243 - UriComponentsBuilder - Open Redirect

AI Analysis

This repository contains a functional Spring Boot application demonstrating CVE-2024-22243 and CVE-2024-22234, likely related to authentication bypass or SSRF via URI parsing flaws. The `/vul` endpoint and `UriComponentsBuilder` usage in `IndexController` suggest exploitation of improper URI validation.

Attack Type

auth_bypass | SSRF

Complexity

moderate

Reliability

reliable

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1021 - Remote Services

Loading exploit code...

Download ZIP Password: eip

Source

Platform Nomisec

Type poc

Files 15

https://github.com/shellfeel/CVE-2024-22243-CVE-2024-22234

Stars 5

Forks 2

Last Push Feb 28, 2024

Authors

shellfeel

Vulnerability

CVE-2024-22243

UriComponentsBuilder - Open Redirect

HIGH

CVSS 8.1