CISA adds Spring4Shell to list of exploited vulnerabilities

It’s been almost a week since the Spring4Shell vulnerability (CVE-2022-22965) came to light and since the Spring development team fixed it in new versions of the Spring Framework. There have been reports of scanning, exploit attempts and attempts to deploy a web shell on vulnerable systems, but it seems that a successful exploitation has yet to be documented.

Read full article on Help Net Security

 


Date:

Categorie(s):