CVE-2022-22965CISA KEV: Actively Exploited

Spring Framework JDK 9+ Remote Code Execution Vulnerability

Published Apr 4, 2022·Updated Apr 4, 2022

Description

Spring MVC or Spring WebFlux application running on JDK 9+ may be vulnerable to remote code execution (RCE) via data binding.

Public Exploits & PoCs88 found

PoC: Spring4Shell-POC

Spring4Shell Proof Of Concept/And vulnerable application CVE-2022-22965

269

PoC: Spring4Shell-POC

Dockerized Spring4Shell (CVE-2022-22965) PoC application and exploit

235

PoC: SpringShell

Spring4Shell - Spring Core RCE - CVE-2022-22965

92

PoC: CVE-2022-22965

Spring Framework RCE (CVE-2022-22965) Nmap (NSE) Checker (Non-Intrusive)

90

PoC: spring-core-rce

CVE-2022-22965 : about spring core rce

49

PoC: Safer_PoC_CVE-2022-22965

A Safer PoC for CVE-2022-22965 (Spring4Shell)

45

PoC: spring4shell_behinder

CVE-2022-22965写入冰蝎webshell脚本

36

PoC: SpringFramework_CVE-2022-22965_RCE

SpringFramework 远程代码执行漏洞CVE-2022-22965

35

PoC: spring4shell-exploit-poc

Exploit a vulnerable Spring application with the Spring4Shell (CVE-2022-22965) Vulnerability.

35

PoC: CVE-2022-22965-Spring-Core-Rce

批量无损检测CVE-2022-22965

29

PoC: spring-core-rce

springFramework_CVE-2022-22965_RCE简单利用

24

PoC: spring-core-rce

spring框架RCE漏洞 CVE-2022-22965

24

PoC: CVE-2022-22965-GUItools

spring-core单个图形化利用工具,CVE-2022-22965及修复方案已出

18

PoC: CVE-2022-22965-poc

CVE-2022-22965 poc including reverse-shell support

16

PoC: CVE-2022-22965_PoC

Spring Framework RCE (Quick pentest notes)

16

PoC: go-scan-spring

Vulnerability scanner for Spring4Shell (CVE-2022-22965)

10

PoC: CVE-2022-22965-POC

CVE-2022-22965 spring-core批量检测脚本

8

PoC: CVE-2022-22965

Docker PoC for CVE-2022-22965 with Spring Boot version 2.6.5

7

PoC: CVE-2022-22965

CVE-2022-22965 POC

7

PoC: CVE-2022-22965

Spring4Shell (CVE-2022-22965)

7

PoC: CVE-2022-22965_Spring_Core_RCE

CVE-2022-22965\Spring-Core-RCE堪比关于 Apache Log4j2核弹级别漏洞exp的rce一键利用

6

PoC: CVE-2022-22965

Vulnerabilidad RCE en Spring Framework vía Data Binding on JDK 9+ (CVE-2022-22965 aka "Spring4Shell")

6

PoC: spring4shell_victim

Intentionally vulnerable Spring app to test CVE-2022-22965

4

PoC: CVE-2022-22965

Spring Framework RCE via Data Binding on JDK 9+ / spring4shell / CVE-2022-22965

4

PoC: CVE-2022-22965

Spring-0day/CVE-2022-22965

4

PoC: CVE-2022-22965-PoC

CVE-2022-22965 (Spring4Shell) Proof of Concept

3

PoC: spring-framework-rce

CVE-2022-22965

3

PoC: CVE-2022-22965

CVE-2022-22965 EXP

3

PoC: springboot_CVE-2022-22965

CVE-2022-22965 pocsuite3 POC

2

PoC: spring-rec-demo

The demo code showing the recent Spring4Shell RCE (CVE-2022-22965)

2

PoC: CVE-2022-22965

Exploit Of Spring4Shell!

2

PoC: Spring4shell-CVE-2022-22965-POC

Another spring4shell (Spring core RCE) POC

2

PoC: cve-2022-22965

Spring4Shell - CVE-2022-22965

2

PoC: nmap-spring4shell

Nmap Spring4Shell NSE script for Spring Boot RCE (CVE-2022-22965)

2

PoC: CVE-2022-22965

CVE-2022-22965 - Spring4Shell

1

PoC: CVE-2022-22965

A Remote Code Execution exploit targeting Spring Framework vulnerability CVE-2022-22965 💀

1

PoC: firewall

🔒 Spring4Shell Firewall Defense — Cybersecurity Incident Simulation This project is part of a Cybersecurity Job Simulation I completed in August 2025 through Forage. It focuses on detecting, analyzing, and mitigating a simulated real-world cyberattack involving the Spring4Shell (CVE-2022-22965) vulnerability

1

PoC: CVE-2022-22965

🚀 Exploit for Spring core RCE in C [ wip ]

1

PoC: CVE-2022-22965-spring4shell

CVE-2022-22965 Spring4Shell research & PoC

1

PoC: CVE-2022-22965

spring4shell | CVE-2022-22965

1

PoC: Spring4Shell

Spring4Shell , Spring Framework RCE (CVE-2022-22965) , Burpsuite Plugin

1

PoC: Spring4Shell-CVE-2022-22965.py

Script to check for Spring4Shell vulnerability

1

PoC: CVE-2022-22965_Spring4Shell

A Spring MVC or Spring WebFlux application running on JDK 9+ may be vulnerable to remote code execution (RCE) via data binding. The specific exploit requires the application to run on Tomcat as a WAR deployment. If the application is deployed as a Spring Boot executable jar, i.e. the default, it is not vulnerable to the exploit. However, the nature of the vulnerability is more general, and there may be other ways to exploit it.

1

PoC: Invoke-CVE-2022-22965-SafeCheck

PowerShell port of CVE-2022-22965 vulnerability check by colincowie.

1

PoC: CVE-2022-22965

CVE-2022-22965 Environment

1

PoC: jfrog-apptrust-demo

JFrog AppTrust lifecycle policy enforcement demo — shows release gate blocking CVE-2022-22965 (Spring4Shell) with waiver request flow

PoC: PoC-CVE-2022-22965-Spring4Shell

Description

PoC: Spring4Shell-CTF

Spring4Shell (CVE-2022-22965) 漏洞環境搭建與 CTF 題目

PoC: CVE-2022-22965

CVE-2022-22965

PoC: dfir-malware-investigation

Spring4Shell (CVE-2022-22965) DFIR lab with exploit simulation, Python WAF, IOC-based detection, and PCAP analysis.

PoC: CVE-2022-22965-Spring4Shell-Security-Operations-Analysis

A comprehensive Security Operations Centre (SOC) incident response simulation demonstrating threat detection, triage, analysis, and mitigation of the Spring4Shell vulnerability (CVE-2022-22965).

PoC: CVE-2022-22965

Spring4Shell

PoC: GhostStrike

Fully automated Spring4Shell (CVE-2022-22965) + GitLab RCE framework

PoC: CS4239-Spring4Shell-POC

CVE-2022-22965 proof of concept for CS4239 report

PoC: Spring4Shell-Python-Firewall-POC

Proof-of-Concept (POC) of a simple firewall in Python designed to mitigate the Spring4Shell (CVE-2022-22965) RCE attack by inspecting and blocking malicious request bodies.

PoC: telstra-cyber-analyst-job-simulation

Cybersecurity simulation showcasing SOC analyst skills in malware triage, incident response, and vulnerability management (Spring4Shell CVE-2022-22965).

PoC: fire-wall-server

Python-based simulated firewall to detect and block Spring4Shell (CVE-2022-22965) exploit attempts. This project filters HTTP requests by identifying malicious payload patterns using a custom firewall_server.py and tests them with test_requests.py.

PoC: CVE-2022-22965

Spring4Shell (POC)

PoC: spring4shell-vulnerable-application

(CVE-2022-22965)PoC 应用程序和漏洞利用

PoC: web-threat-mitigation

Hands-on lab on detecting and mitigating web app threats using OWASP ZAP, Burp Suite, and ModSecurity WAF (with OWASP CRS). Case study: Spring4Shell (CVE-2022-22965). Local Docker-based setup.

PoC: Spring4Shell

In this challenge, I analyzed the Spring4Shell (CVE-2022-22965) vulnerability, investigated security bypasses, and wrote an Incident Postmortem Report detailing the detection, impact, and resolution of the attack. I also implemented a firewall rule in Python to block malicious requests and prevent future exploitation.

PoC: Block-Spring4Shell

POC firewall with rules designed to detect and block Spring4Shell vulnerability (CVE-2022-22965) exploit

PoC: Firewall-Rules

Firewall rules to mitigate a zero-day vulnerability malware attack (CVE-2022-22965), known as Spring4Shell

PoC: CVE-2022-22965

Spring4Shell Vulnerability RCE - CVE-2022-22965

PoC: Spring4Shell-PoC

A quick python script that automates the exploitation of the second deadliest Java based vulnerability CVE-2022-22965.

PoC: spring4shell

PoC and exploit for CVE-2022-22965 Spring4Shell

PoC: Spring4Shell

Spring rce environment for CVE-2022-22965

PoC: CVE-2022-22965

Poc&Exp,支持批量扫描,反弹shell

PoC: Telstra-Cybersecurity-Virtual-Experience-

A simple python script for a firewall rule that blocks incoming requests based on the Spring4Shell (CVE-2022-22965) vulnerability

PoC: Spring4Shell-PoC-exploit

Demonstrable Proof of Concept Exploit for Spring4Shell Vulnerability (CVE-2022-22965)

PoC: CVE-2022-22965

🚀 Exploit for Spring core RCE in C [ wip ]

PoC: Spring4Shell-CVE-2022-22965-POC

User friendly Spring4Shell POC

PoC: CVE-2022-22965-rexbb

CVE-2022-22965\Spring-Core-RCE核弹级别漏洞的rce图形化GUI一键利用工具,基于JavaFx开发,图形化操作更简单,提高效率。

PoC: SSE4-CVE-2022-22965

CVE-2022-22965 proof of concept

PoC: Fast-CVE-2022-22965

CVE-2022-22965图形化检测工具

PoC: CVE-2022-22965

Exploit for SpringShell.

PoC: Spring4Shell-CVE-2022-22965

EXP for Spring4Shell(CVE-2022-22965)

PoC: CVE-2022-22965

Spring exploit (LIMITED COPIES)

PoC: -Spring4Shell-CVE-2022-22965-

exploitation script tryhackme

PoC: Spring4Shell-CVE-2022-22965.py

Script to check for Spring4Shell vulnerability

PoC: Spring4ShellPoC

Spring4Shell PoC (CVE-2022-22965)

PoC: CVE-2022-22965

Spring Framework RCE Exploit

PoC: CVE-2022-22965

Spring4Shell is a critical RCE vulnerability in the Java Spring Framework and is one of three related vulnerabilities published on March 30

PoC: spring-shell-vuln

Spring has Confirmed the RCE in Spring Framework. The team has just published the statement along with the mitigation guides for the issue. Now, this vulnerability can be tracked as CVE-2022-22965.

PoC: CVE-2022-22965-POC

CVE-2022-22965 spring-core批量检测脚本

PoC: CVE-2022-22965-POC

CVE-2022-22965 spring-core批量检测脚本

PoC: spring-boot-cve-2022-22965

Showcase of overridding the Spring Framework version in older Spring Boot versions

PoC: springhound

Created after the release of CVE-2022-22965 and CVE-2022-22963. Bash script that detects Spring Framework occurrences in your projects and systems, allowing you to get insight on versions used. Unpacks JARs and analyzes their Manifest files.

References

View on NVD Search GitHub Search Google

Get alerted for CVEs like this

Register your stack and get notified within minutes when a matching CVE drops.

Start monitoring free