{"uuid": "342c00d2-b976-4970-b1ef-424f9aff5dd9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-22947", "type": "published-proof-of-concept", "source": "https://t.me/crackcodes/1260", "content": "\u200b\u200bCVE-2022-22947\n\nSpring Cloud Gateway &lt; 3.0.7 &amp; &lt; 3.1.1 Code Injection (RCE)\n\nApplications using Spring Cloud Gateway are vulnerable to a code injection attack when the Gateway Actuator endpoint is enabled, exposed and unsecured. A remote attacker could make a maliciously crafted request that could allow arbitrary remote execution on the remote host.\n\nhttps://github.com/crowsec-edtech/CVE-2022-22947\n\n#cve", "creation_timestamp": "2022-10-20T17:20:10.000000Z"}