When using routing functionality in VMware Tanzu's Spring Cloud Function, it is possible for a user to provide a specially crafted SpEL as a routing-expression that may result in remote code execution and access to local resources.
PoC: spring-spel-0day-poc
spring-cloud / spring-cloud-function,spring.cloud.function.routing-expression,RCE,0day,0-day,POC,EXP,CVE-2022-22963
PoC: CVE-2022-22963
CVE-2022-22963 PoC
PoC: Spring-CVE
This includes CVE-2022-22963, a Spring SpEL / Expression Resource Access Vulnerability, as well as CVE-2022-22965, the spring-webmvc/spring-webflux RCE termed "SpringShell".
PoC: CVE-2022-22963
CVE-2022-22963 Spring-Cloud-Function-SpEL_RCE_exploit
PoC: CVE-2022-22963
Spring Cloud Function Vulnerable Application / CVE-2022-22963
PoC: CVE-2022-22963-Spring-Core-RCE
A Proof-of-Concept (PoC) of the Spring Core RCE (Spring4Shell or CVE-2022-22963) in Bash (Linux).
PoC: spring-cloud-function-rce
Spring Cloud Function SPEL表达式注入漏洞(CVE-2022-22963)
PoC: CVE-2022-22963
spring cloud function 一键利用工具! by charis 博客http://www.charis3306.top/
PoC: cve-2022-22963
Spring Cloud Function SpEL - cve-2022-22963
PoC: Spring0DayCoreExploit
{ Spring Core 0day CVE-2022-22963 }
PoC: CVE-2022-22963
CVE-2022-22963-poc
PoC: CVE-2022-22963-PoC
CVE-2022-22963 RCE PoC in python
PoC: SpringCloudFunction-Research
CVE-2022-22963 research
PoC: CVE-2022-22963
POC for CVE-2022-22963
PoC: CVE-2022-22963
Simple exploit
PoC: CVE-2022-22963
CVE to CTF FP
PoC: CVE-2022-22963-Poc-Bearcules
This is a POC for CVE-2022-22963
PoC: Exploit-for-CVE-2022-22963
An exploit for the CVE-2022-22963 (Spring Cloud Function Vulnerability)
PoC: RCE-in-Spring-Cloud-CVE-2022-22963
Exploit for CVE-2022-22963 remote command execution in Spring Cloud Function
PoC: CVE-2022-22963
Binaries for CVE-2022-22963
PoC: CVE-2022-22963-Exploit
Rust-based exploit for the CVE-2022-22963 vulnerability
PoC: CVE-2022-22963_Reverse-Shell-Exploit
CVE-2022-22963 is a vulnerability in the Spring Cloud Function Framework for Java that allows remote code execution. This python script will verify if the vulnerability exists, and if it does, will give you a reverse shell.
Get alerted for CVEs like this
Register your stack and get notified within minutes when a matching CVE drops.
Start monitoring free