{"vulnerability": "CVE-2024-22243", "sightings": [{"uuid": "a7f91d38-52c5-4e57-a102-ec834066fe17", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-22243", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/7352", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aExample exploitable scenarios for CVE-2024-22243 affecting the Spring framework (open redirect & SSRF).\nURL\uff1ahttps://github.com/SeanPesce/CVE-2024-22243\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-05-20T13:16:30.000000Z"}, {"uuid": "080bab42-0293-45ed-87bf-e8a7f0d053bc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-22243", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/6661", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1a env of CVE-2024-22243&CVE-2024-22234\nURL\uff1ahttps://github.com/shellfeel/CVE-2024-22243-CVE-2024-22234\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-02-23T10:13:50.000000Z"}, {"uuid": "907c1d1b-ee56-4361-83fa-b62c6ffff6f7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-22243", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/4331", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-22262\n\ud83d\udd25 CVSS Score: 8.0 (CVSS_V3)\n\ud83d\udd39 Description: Applications that use UriComponentsBuilder\u00a0to parse an externally provided URL (e.g. through a query parameter) AND\u00a0perform validation checks on the host of the parsed URL may be vulnerable to a  open redirect https://cwe.mitre.org/data/definitions/601.html \u00a0attack or to a SSRF attack if the URL is used after passing validation checks.\n\nThis is the same as  CVE-2024-22259 https://spring.io/security/cve-2024-22259 \u00a0and  CVE-2024-22243 https://spring.io/security/cve-2024-22243 , but with different input.\n\ud83d\udccf Published: 2024-04-16T06:30:28Z\n\ud83d\udccf Modified: 2025-02-13T19:00:56Z\n\ud83d\udd17 References:\n1. https://nvd.nist.gov/vuln/detail/CVE-2024-22262\n2. https://github.com/spring-projects/spring-framework\n3. https://github.com/spring-projects/spring-framework/blob/main/spring-web/src/main/java/org/springframework/web/util/UriComponentsBuilder.java\n4. https://security.netapp.com/advisory/ntap-20240524-0003\n5. https://spring.io/security/cve-2024-22262", "creation_timestamp": "2025-02-13T19:21:07.000000Z"}, {"uuid": "5f301955-247e-492d-a34d-732693ad4742", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-22243", "type": "published-proof-of-concept", "source": "https://t.me/Kelvinseccommunity/696", "content": "#exploit\n1. Heap exploitation, glibc internals and nifty tricks\nhttps://blog.quarkslab.com/heap-exploitation-glibc-internals-and-nifty-tricks.html\n\n2. CVE-2024-22243:\nURL-parsing vulnerability in Java Spring Framework\nhttps://github.com/SeanPesce/CVE-2024-22243", "creation_timestamp": "2024-08-02T06:46:35.000000Z"}, {"uuid": "4f27bc69-6df3-4cdb-b58c-6ed840172b7d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-22243", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/4312", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-22259\n\ud83d\udd25 CVSS Score: 8.0 (CVSS_V3)\n\ud83d\udd39 Description: Applications that use UriComponentsBuilder in Spring Framework\u00a0to parse an externally provided URL (e.g. through a query parameter) AND\u00a0perform validation checks on the host of the parsed URL may be vulnerable to a  open redirect https://cwe.mitre.org/data/definitions/601.html \u00a0attack or to a SSRF attack if the URL is used after passing validation checks.\n\nThis is the same as  CVE-2024-22243 https://spring.io/security/cve-2024-22243, but with different input.\n\ud83d\udccf Published: 2024-03-16T06:30:27Z\n\ud83d\udccf Modified: 2025-02-13T19:05:43Z\n\ud83d\udd17 References:\n1. https://nvd.nist.gov/vuln/detail/CVE-2024-22259\n2. https://github.com/spring-projects/spring-framework/commit/297cbae2990e1413537c55845a7e0ea0ffd9f9bb\n3. https://github.com/spring-projects/spring-framework/commit/381f790329a48b74c2a49fc1384dd68ca9153501\n4. https://github.com/spring-projects/spring-framework/commit/f2fd2f12269c6a781c5b2c20b3c24141055a3d68\n5. https://github.com/spring-projects/spring-framework\n6. https://security.netapp.com/advisory/ntap-20240524-0002\n7. https://spring.io/security/cve-2024-22259", "creation_timestamp": "2025-02-13T19:16:31.000000Z"}, {"uuid": "a77e2934-298c-457c-abca-5a2812f77e5f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-22243", "type": "seen", "source": "https://t.me/arpsyndicate/4683", "content": "#ExploitObserverAlert\n\nCVE-2024-22262\n\nDESCRIPTION: Exploit Observer has 4 entries in 2 file formats related to CVE-2024-22262. Applications that use UriComponentsBuilder\u00a0to parse an externally provided URL (e.g. through a query parameter) AND\u00a0perform validation checks on the host of the parsed URL may be vulnerable to a  open redirect https://cwe.mitre.org/data/definitions/601.html \u00a0attack or to a SSRF attack if the URL is used after passing validation checks.  This is the same as  CVE-2024-22259 https://spring.io/security/cve-2024-22259 \u00a0and  CVE-2024-22243 https://spring.io/security/cve-2024-22243 , but with different input.\n\nFIRST-EPSS: 0.000430000\nARPS-EXPLOITABILITY: 0.701451", "creation_timestamp": "2024-04-18T04:35:44.000000Z"}, {"uuid": "4415c27e-b3ca-478c-b465-b96280575116", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-22243", "type": "seen", "source": "https://t.me/arpsyndicate/4730", "content": "#ExploitObserverAlert\n\nCVE-2024-22262\n\nDESCRIPTION: Exploit Observer has 26 entries in 6 file formats related to CVE-2024-22262. Applications that use UriComponentsBuilder\u00a0to parse an externally provided URL (e.g. through a query parameter) AND\u00a0perform validation checks on the host of the parsed URL may be vulnerable to a  open redirect https://cwe.mitre.org/data/definitions/601.html \u00a0attack or to a SSRF attack if the URL is used after passing validation checks.  This is the same as  CVE-2024-22259 https://spring.io/security/cve-2024-22259 \u00a0and  CVE-2024-22243 https://spring.io/security/cve-2024-22243 , but with different input.\n\nFIRST-EPSS: 0.000430000\nARPS-PRIORITY: 0.710172", "creation_timestamp": "2024-04-20T18:55:00.000000Z"}, {"uuid": "784d8f02-fa35-4f2b-8796-d3e89d8f458a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-22243", "type": "published-proof-of-concept", "source": "https://t.me/HackerArsenal/101", "content": "#exploit\n1. Heap exploitation, glibc internals and nifty tricks\nhttps://blog.quarkslab.com/heap-exploitation-glibc-internals-and-nifty-tricks.html\n\n2. CVE-2024-22243:\nURL-parsing vulnerability in Java Spring Framework\nhttps://github.com/SeanPesce/CVE-2024-22243", "creation_timestamp": "2024-08-02T06:43:34.000000Z"}, {"uuid": "7dffc65a-ae77-4134-b358-2f9acbf8434c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-22243", "type": "published-proof-of-concept", "source": "Telegram/aytDRNJAYRLkAGcpQSQjKrOvI8GFZ0fpnyB27o0JUgg", "content": "", "creation_timestamp": "2024-08-02T06:45:55.000000Z"}, {"uuid": "2e7f28b3-94fa-4c43-b62e-1a60eae21e63", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-22243", "type": "seen", "source": "https://t.me/ctinow/191466", "content": "https://ift.tt/mXNuPKB\nCVE-2024-22243", "creation_timestamp": "2024-02-23T06:31:43.000000Z"}, {"uuid": "e4275d6c-bf26-444a-ab8e-2ec06892cc6d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-22243", "type": "published-proof-of-concept", "source": "Telegram/xR1jS9HwiZzXNVW_S-Y9Dwo606EDDevtP4jor7zPHlsRSjM", "content": "", "creation_timestamp": "2025-02-21T10:00:06.000000Z"}, {"uuid": "eaa7ec1d-8c61-4bb6-870f-266d8d118a48", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-22243", "type": "published-proof-of-concept", "source": "https://t.me/GrayHatsHack/8479", "content": "Tools - Hackers Factory \n\nOffensive_security\n\n1. PANIX - Linux Persistence Tool\ngithub.com/Aegrah/PANIX\n\n2. RedGuard - C2 front flow control tool, can avoid Blue Teams, AVs, EDRs check\n\ngithub.com/wikiZ/RedGuard\n\nThis is a privilege escalation tool (fixed with CVE-2024-38100 in KB5040434) that allows us to leak a user's NetNTLM hash from any session on the computer, even if we are working from a low-privileged user.\n\nhttps://github.com/MzHmO/LeakedWallpaper\n\nLeaked-Credentials\n\nhttps://github.com/h4x0r-dz/Leaked-Credentials\n\nCVE-2024-22243: URL-parsing vulnerability in Java Spring Framework\n\nhttps://github.com/SeanPesce/CVE-2024-22243\n\nTool for monitor Active Directory changes in real time without getting all objects. Instead of this it use replication metadata and Update Sequence Number (USN) to filter current properties of objects.\n\nhttps://github.com/DrunkF0x/ADSpider/tree/main\n\nTorBot\n\nhttps://github.com/DedSecInside/TorBot\n\nCheck for the existence of an email on Google platforms\n\nhttps://github.com/ranlo/check-google-user\n\nADExplorerSnapshot-rs\n\nhttps://github.com/t94j0/adexplorersnapshot-rs\n\n#CyberDilara\nhttps://t.me/CyberDilara", "creation_timestamp": "2024-08-05T06:19:41.000000Z"}, {"uuid": "d8a8b322-e0c0-43f3-b81b-fb29e75a7746", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-22243", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/3610", "content": "Tools - Hackers Factory \n\nOffensive_security\n\n1. PANIX - Linux Persistence Tool\ngithub.com/Aegrah/PANIX\n\n2. RedGuard - C2 front flow control tool, can avoid Blue Teams, AVs, EDRs check\n\ngithub.com/wikiZ/RedGuard\n\nThis is a privilege escalation tool (fixed with CVE-2024-38100 in KB5040434) that allows us to leak a user's NetNTLM hash from any session on the computer, even if we are working from a low-privileged user.\n\nhttps://github.com/MzHmO/LeakedWallpaper\n\nLeaked-Credentials\n\nhttps://github.com/h4x0r-dz/Leaked-Credentials\n\nCVE-2024-22243: URL-parsing vulnerability in Java Spring Framework\n\nhttps://github.com/SeanPesce/CVE-2024-22243\n\nTool for monitor Active Directory changes in real time without getting all objects. Instead of this it use replication metadata and Update Sequence Number (USN) to filter current properties of objects.\n\nhttps://github.com/DrunkF0x/ADSpider/tree/main\n\nTorBot\n\nhttps://github.com/DedSecInside/TorBot\n\nCheck for the existence of an email on Google platforms\n\nhttps://github.com/ranlo/check-google-user\n\nADExplorerSnapshot-rs\n\nhttps://github.com/t94j0/adexplorersnapshot-rs\n\n#CyberDilara\nhttps://t.me/CyberDilara", "creation_timestamp": "2024-08-05T06:19:27.000000Z"}, {"uuid": "973203d0-9222-482f-bcaf-754e13e5e3ce", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-22243", "type": "published-proof-of-concept", "source": "https://t.me/GrayHatsHack/7166", "content": "Tools - Hackers Factory \n\nOffensive_security\n\n1. PANIX - Linux Persistence Tool\ngithub.com/Aegrah/PANIX\n\n2. RedGuard - C2 front flow control tool, can avoid Blue Teams, AVs, EDRs check\n\ngithub.com/wikiZ/RedGuard\n\nThis is a privilege escalation tool (fixed with CVE-2024-38100 in KB5040434) that allows us to leak a user's NetNTLM hash from any session on the computer, even if we are working from a low-privileged user.\n\nhttps://github.com/MzHmO/LeakedWallpaper\n\nLeaked-Credentials\n\nhttps://github.com/h4x0r-dz/Leaked-Credentials\n\nCVE-2024-22243: URL-parsing vulnerability in Java Spring Framework\n\nhttps://github.com/SeanPesce/CVE-2024-22243\n\nTool for monitor Active Directory changes in real time without getting all objects. Instead of this it use replication metadata and Update Sequence Number (USN) to filter current properties of objects.\n\nhttps://github.com/DrunkF0x/ADSpider/tree/main\n\nTorBot\n\nhttps://github.com/DedSecInside/TorBot\n\nCheck for the existence of an email on Google platforms\n\nhttps://github.com/ranlo/check-google-user\n\nADExplorerSnapshot-rs\n\nhttps://github.com/t94j0/adexplorersnapshot-rs\n\n#CyberDilara\nhttps://t.me/CyberDilara", "creation_timestamp": "2024-08-05T06:19:41.000000Z"}, {"uuid": "de55eb06-beaf-4e74-ab87-c1908740e9b2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-22243", "type": "published-proof-of-concept", "source": "https://t.me/CyberDilara/596", "content": "Tools - Hackers Factory \n\nOffensive_security\n\n1. PANIX - Linux Persistence Tool\ngithub.com/Aegrah/PANIX\n\n2. RedGuard - C2 front flow control tool, can avoid Blue Teams, AVs, EDRs check\n\ngithub.com/wikiZ/RedGuard\n\nThis is a privilege escalation tool (fixed with CVE-2024-38100 in KB5040434) that allows us to leak a user's NetNTLM hash from any session on the computer, even if we are working from a low-privileged user.\n\nhttps://github.com/MzHmO/LeakedWallpaper\n\nLeaked-Credentials\n\nhttps://github.com/h4x0r-dz/Leaked-Credentials\n\nCVE-2024-22243: URL-parsing vulnerability in Java Spring Framework\n\nhttps://github.com/SeanPesce/CVE-2024-22243\n\nTool for monitor Active Directory changes in real time without getting all objects. Instead of this it use replication metadata and Update Sequence Number (USN) to filter current properties of objects.\n\nhttps://github.com/DrunkF0x/ADSpider/tree/main\n\nTorBot\n\nhttps://github.com/DedSecInside/TorBot\n\nCheck for the existence of an email on Google platforms\n\nhttps://github.com/ranlo/check-google-user\n\nADExplorerSnapshot-rs\n\nhttps://github.com/t94j0/adexplorersnapshot-rs\n\n#CyberDilara\nhttps://t.me/CyberDilara", "creation_timestamp": "2024-08-05T06:19:15.000000Z"}, {"uuid": "bab54ee7-1d9b-47ae-8a80-a5af44f85c49", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-22243", "type": "seen", "source": "https://t.me/ctinow/191465", "content": "https://ift.tt/mXNuPKB\nCVE-2024-22243", "creation_timestamp": "2024-02-23T06:26:18.000000Z"}, {"uuid": "274a075a-c59f-4935-970b-de2068c01096", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-22243", "type": "published-proof-of-concept", "source": "https://t.me/CNArsenal/2937", "content": "https://github.com/SeanPesce/CVE-2024-22243\n\nExample exploitable scenarios for CVE-2024-22243 affecting the Spring framework (open redirect & SSRF).\n#github", "creation_timestamp": "2024-08-06T12:49:42.000000Z"}, {"uuid": "832aca1e-b368-4e4d-bc5d-21b32bbc42cb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-22243", "type": "seen", "source": "https://t.me/ctinow/192241", "content": "https://ift.tt/SvoJYBt\nCVE-2024-22243", "creation_timestamp": "2024-02-23T22:41:19.000000Z"}, {"uuid": "6daa48c4-37d6-47df-ab7c-1dee240624f1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-22243", "type": "published-proof-of-concept", "source": "https://t.me/Rootsec_2/3531", "content": "#exploit\n1. Heap exploitation, glibc internals and nifty tricks\nhttps://blog.quarkslab.com/heap-exploitation-glibc-internals-and-nifty-tricks.html\n\n2. CVE-2024-22243:\nURL-parsing vulnerability in Java Spring Framework\nhttps://github.com/SeanPesce/CVE-2024-22243", "creation_timestamp": "2024-08-16T11:18:09.000000Z"}, {"uuid": "769dfce2-3c67-463a-bbf6-1730baef7506", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-22243", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/10921", "content": "#exploit\n1. Heap exploitation, glibc internals and nifty tricks\nhttps://blog.quarkslab.com/heap-exploitation-glibc-internals-and-nifty-tricks.html\n\n2. CVE-2024-22243:\nURL-parsing vulnerability in Java Spring Framework\nhttps://github.com/SeanPesce/CVE-2024-22243", "creation_timestamp": "2024-08-02T12:35:59.000000Z"}]}