Is CVE-2022-22965 patched on this host?

Spring Core Framework before 5.13.18 or 5.2.20 is vulnerable to a remote code execution vulnerability. This TTP sends a few cURL requests installing a backdoor temporarily. If the backdoor is installed and commands can be executed you will be deemed vulnerable. You should be able to idenitfy and remediate a backdoor that can execute shell commands that has been installed on your network.
View Command

To view this TTPs command, you must be logged in with a professional or enterprise license.


Test this TTP

Download Operator (1.7.1)
Test this TTP using one of our Operator chains
Is CVE-2022-22965 patched on Spring Framework?


A TTP that exploits CVE-2022-22965 in Spring Framework