# Spring4Shell-POC (CVE-2022-22965)


![Docker Build]( ![Docker App Build]( ![Stars]( ![Docker Run](

Spring4Shell (CVE-2022-22965) Proof Of Concept/Information + [A vulnerable Tomcat server with a vulnerable spring4shell application.](vulnerable-tomcat/)

Early this morning, multiple sources has informed of a possible RCE exploit in the popular java framework spring.

The naming of this flaw is based on the similarities to the infamous Log4j LOG4Shell.

## Details about this vulnerability

- [](
- [](
- [](

## POC Usage

The usage is simple! You can either run the docker image, or just run the python script!

Please see vulnerable-tomcat for inscructions on setting up your own spring4shell vulnerable application [here!](vulnerable-tomcat/)

### Requirements

- Python3 or [Docker](

### Python

pip install -r requirements.txt --help


### Docker

## Dockerhub
docker pull bobtheshoplifter/spring4shell-poc:latest
docker run bobtheshoplifter/spring4shell-poc:latest --url
## Github docker repository
docker pull
docker run --url


## Vulnerable Tomcat server

I have now made a docker image for this, which includes a vulnerable spring + tomcat application.

The application should be enough to test this vulnerability.

[Please see (vulnerable-tomcat/](vulnerable-tomcat/

## Mitigations

!!(The following mitigations are only theoretical as nothing has been confirmed)!!

### JDK Version under 9

Cyberkendra informed that JDK versions lower than JDK 9

You can easily check this by running

java -version

That will display something similar to this

openjdk version "17.0.2" 2022-01-18
OpenJDK Runtime Environment (build 17.0.2+8-Ubuntu-120.04)
OpenJDK 64-Bit Server VM (build 17.0.2+8-Ubuntu-120.04, mixed mode, sharing)

If your JDK version is under 8, you might be safe, but nothing is confirmed yet

The following article will be updated

### Check if you are using the spring framework

Do a global search after `spring-beans*.jar` and `spring*.jar`

find . -name spring-beans*.jar

[^1]: POC, translated fron this repository.

POC, translated fron this repository: