Spring Cloud Gateway Remote Code Execution Vulnerability (CVE-2022-22947) Alert
March 7, 2022
Overview Recently, NSFOCUS CERT detected that Spring released a report to fix the Spring Cloud Gateway code injection vulnerability (CVE-2022-22947). Due to a flaw in the Actuator endpoint of Spring Cloud Gateway, when a user enables and exposes an insecure Gateway Actuator endpoint, Applications using Spring Cloud Gateway are vulnerable to code injection attacks. Unauthenticated […]
