CVE-2024-22243

HIGH

UriComponentsBuilder - Open Redirect

Title source: llm

Exploitation Summary

EIP tracks 3 public exploits for CVE-2024-22243. PoCs published by SeanPesce, shellfeel, Reivap.

AI-analyzed exploit summary: This repository contains a functional proof-of-concept demonstrating CVE-2024-22243, a URL-parsing vulnerability in Spring Framework that can lead to open redirect and SSRF due to abnormal handling of the 'userinfo' segment in URLs. The included Java web application provides exploitable endpoints to showcase the vulnerability.

Description

Applications that use UriComponentsBuilder to parse an externally provided URL (e.g. through a query parameter) AND perform validation checks on the host of the parsed URL may be vulnerable to an open redirect (https://cwe.mitre.org/data/definitions/601.html) attack, or to an SSRF attack if the URL is used after passing validation checks.

Exploits (3)

nomisec · WORKING POC · 9 stars
by SeanPesce · poc
https://github.com/SeanPesce/CVE-2024-22243

This repository contains a functional proof-of-concept demonstrating CVE-2024-22243, a URL-parsing vulnerability in Spring Framework that can lead to open redirect and SSRF due to abnormal handling of the 'userinfo' segment in URLs. The included Java web application provides exploitable endpoints to showcase the vulnerability.

Classification: Working PoC 95%
Attack Type: SSRF | Auth Bypass
Complexity: Moderate
Reliability: Reliable
Target: Spring Framework (affected versions)
No auth needed
Prerequisites: Access to a vulnerable Spring application · Ability to craft malicious URLs
devstral-2 · analyzed Feb 18, 2026
nomisec · WORKING POC · 5 stars
by shellfeel · poc
https://github.com/shellfeel/CVE-2024-22243-CVE-2024-22234

This repository contains a functional Spring Boot application demonstrating CVE-2024-22243 and CVE-2024-22234, likely related to authentication bypass or SSRF via URI parsing flaws. The `/vul` endpoint and `UriComponentsBuilder` usage in `IndexController` suggest exploitation of improper URI validation.

Classification: Working PoC 90%
Attack Type: Auth Bypass | SSRF
Complexity: Moderate
Reliability: Reliable
Target: Spring Security (version not specified)
No auth needed
Prerequisites: Spring Boot application with vulnerable Spring Security configuration
devstral-2 · analyzed Feb 18, 2026
nomisec · STUB
by Reivap · poc
https://github.com/Reivap/CVE-2024-22243

The repository contains only a README.md file with minimal content, referencing another user (@SeanPesce) without providing any exploit code or technical details. It lacks substance and does not demonstrate functionality or analysis.

Classification: Stub 90%
Attack Type: Other
Complexity: Trivial
Reliability: Theoretical
Target: unknown
No auth needed
devstral-2 · analyzed Feb 18, 2026

Scores

CVSS v3: 8.1
EPSS: 0.5959
EPSS Percentile: 98.3%
Attack Vector: NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N

CISA SSVC

Vulnrichment
Exploitation: none
Automatable: no
Technical Impact: total

Details

CWE: CWE-601
Status: published
Products (4):
org.springframework/spring-web 6.1.0 - 6.1.4 (Maven)
Spring/Spring Framework 5.3.x - 5.3.32
Spring/Spring Framework 6.0.x - 6.0.17
Spring/Spring Framework 6.1.x - 6.1.4
Published: Feb 23, 2024
Tracked Since: Feb 18, 2026