CVE-2022-46166

HIGH LAB

Spring Boot Admin <2.7.8 - Info Disclosure

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2022-46166. PoCs published by shoucheng3.

AI-analyzed exploit summary This repository contains a proof-of-concept exploit for CVE-2022-46166, a vulnerability in Spring Boot Admin. The exploit leverages the vulnerability to achieve remote code execution (RCE) by manipulating the registration process of client applications.

Description

Spring boot admins is an open source administrative user interface for management of spring boot applications. All users who run Spring Boot Admin Server, having enabled Notifiers (e.g. Teams-Notifier) and write access to environment variables via UI are affected. Users are advised to upgrade to the most recent releases of Spring Boot Admin 2.6.10 and 2.7.8 to resolve this issue. Users unable to upgrade may disable any notifier or disable write access (POST request) on `/env` actuator endpoint.

Exploits (1)

nomisec WORKING POC 1 stars

by shoucheng3 · poc

https://github.com/shoucheng3/codecentric__spring-boot-admin_CVE-2022-46166_2-6-9

View Code ZIP pw:eip

This repository contains a proof-of-concept exploit for CVE-2022-46166, a vulnerability in Spring Boot Admin. The exploit leverages the vulnerability to achieve remote code execution (RCE) by manipulating the registration process of client applications.

Classification

Working Poc 90%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: Spring Boot Admin versions prior to 2.6.9

No auth needed

Prerequisites: Access to the Spring Boot Admin server · Network connectivity to the target server

MITRE ATT&CK

T1189 - Drive-by Compromise T1203 - Exploitation for Client Execution

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (2)

Core 2

Core References

Mitigation, Third Party Advisory x_refsource_confirm

https://github.com/codecentric/spring-boot-admin/security/advisories/GHSA-w3x5-427h-wfq6

Patch, Third Party Advisory x_refsource_misc

https://github.com/codecentric/spring-boot-admin/commit/c14c3ec12533f71f84de9ce3ce5ceb7991975f75

View Patch ZIP pw:eip

Scores

CVSS v3 8.0

EPSS 0.1271

EPSS Percentile 94.2%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact total

Lab Environment

COMMUNITY

Community Lab

docker pull library/consul

docker pull springcloud/eureka

docker pull springcloud/configserver

docker pull springcloud/customers

docker pull springcloud/stores

+4 more images

https://github.com/shoucheng3/codecentric__spring-boot-admin_CVE-2022-46166_2-6-9

https://github.com/codecentric/spring-boot-admin

View in Library

Details

CWE

CWE-94

Status published

Products (3)

codecentric/spring_boot_admin 3.0.0 m1 (5 CPE variants)

codecentric/spring_boot_admin < 2.6.10

de.codecentric/spring-boot-admin 0 - 2.6.10Maven

Published Dec 09, 2022

Tracked Since Feb 18, 2026