CVE-2021-22053

HIGH EXPLOITED IN THE WILD NUCLEI

Vmware Spring Cloud Netflix < 2.2.10 - Code Injection

Title source: rule

Description

Applications using both `spring-cloud-netflix-hystrix-dashboard` and `spring-boot-starter-thymeleaf` expose a way to execute code submitted within the request URI path during the resolution of view templates. When a request is made at `/hystrix/monitor;[user-provided data]`, the path elements following `hystrix/monitor` are being evaluated as SpringEL expressions, which can lead to code execution.

Exploits (2)

nomisec WORKING POC 37 stars

by SecCoder-Security-Lab · poc

https://github.com/SecCoder-Security-Lab/spring-cloud-netflix-hystrix-dashboard-cve-2021-22053

View Code ZIP pw:eip

nomisec WRITEUP 1 stars

by Vulnmachines · poc

https://github.com/Vulnmachines/CVE-2021-22053

View Code ZIP pw:eip

Nuclei Templates (1)

Spring Cloud Netflix Hystrix Dashboard <2.2.10 - Remote Code Execution

HIGHby forgedhallpass

References (1)

[Vendor Advisory] https://tanzu.vmware.com/security/cve-2021-22053

Scores

CVSS v3 8.8

EPSS 0.8956

EPSS Percentile 99.6%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

VulnCheck KEV 2022-05-31

InTheWild.io 2022-05-31

CWE

CWE-94

Status published

Products (2)

org.springframework.cloud/spring-cloud-netflix-hystrix-dashboard 0 - 2.2.10.RELEASEMaven

vmware/spring_cloud_netflix 2.2.0 - 2.2.10

Published Nov 19, 2021

Tracked Since Feb 18, 2026