漏洞描述
Actuator是Spring Boot提供的服务监控和管理中间件,当 /env、/restart 端点允许POST方式进行访问,通过修改logging.config 属性的值可能触发远程命令执行漏洞。
SpringBoot spring.main.sources 属性存在远程命令执行
PoC代码
暂无相关漏洞推荐
- springboot-actuator-unauth: Springboot Actuator Unauth
- springblade-export-user-sqli: SpringBlade 框架后台 export-user 路径 SQL 注入漏洞
- POC spring4shell-CVE-2022-22965: Spring Framework RCE via Data Binding on JDK 9+
- POC CVE-2025-46822: Java-springboot-codebase 1.1 - Arbitrary File Read
- POC e-cology-springframework-directory-traversal: 泛微OA e-cology springframework 目录遍历
- POC jeespringcloud-uploadfile-fileupload: JeeSpringCloud uploadFile.jsp 任意文件上传
- POC spring-expression-oob: Spring Expression Language - Out of Band Template Injection
- POC springboot-admin-unauth: Spring boot Admin unauth
- POC springboot-h2-db-rce: Spring Boot H2 Database RCE
- POC spring-framework-exceptions: Spring Framework Exceptions
- POC exposed-alps-spring: Exposed Spring Data REST Application-Level Profile Semantics (ALPS)
- POC hikvision-env: Hikvision Springboot Env Actuator - Detect
- POC spring-eureka: Spring Eureka Exposure