Java Spring framework vulnerability 30th March, 2022

A few days ago, there was discovered a bug in the Java Spring framework that allows for remote exploitation of the framework.

It is referred as to “SpringShell” explitation.

You can spot it by looking at http request (either GET or POST) that contains something like:

class.module.classLoader.Urlz[a]=a

Recommendation:

• check your app and server logs

More information:

• https://www.microsoft.com/security/blog/2022/04/04/springshell-rce-vulnerability-guidance-for-protecting-against-and-detecting-cve-2022-22965/
• https://www.springcloud.io/post/2022-03/spring-framework-rce-early-announcement/#gsc.tab=0
• https://cybersecurityworks.com/blog/vulnerabilities/spring4shell-the-next-log4j.html

Blog image by:

• madartzgraphics