## https://sploitus.com/exploit?id=7B3BB597-E614-57D3-8CDF-2091D33EB709
# spring-rce-poc
Testing CVE-2022-22968
Simple app vulnerable to CVE-2022-22968
- `Dockerfile` could be used to build it on vulnerable version of `Tomcat (9.0.59)`
- `exploit.sh` is a shell script which is trying to exploit this cve on 8080 port of localhost
If attack with `exploit.sh` was succesfull, on context of `http://localhost:8080/shell.jsp` on a target app should be accessible
simple JSP website with basic webshell.