漏洞描述
spring eureka 存在未授权访问漏洞,攻击者可以利用该漏洞获取微服务敏感信息,未经授权的服务被注册到 EurekaServer,从而对其他服务进行非法访问或攻击。
spring eureka 存在未授权访问漏洞
PoC代码
暂无相关漏洞推荐
- springboot-actuator-unauth: Springboot Actuator Unauth
- springblade-export-user-sqli: SpringBlade 框架后台 export-user 路径 SQL 注入漏洞
- POC spring4shell-CVE-2022-22965: Spring Framework RCE via Data Binding on JDK 9+
- POC CVE-2025-46822: Java-springboot-codebase 1.1 - Arbitrary File Read
- POC e-cology-springframework-directory-traversal: 泛微OA e-cology springframework 目录遍历
- POC jeespringcloud-uploadfile-fileupload: JeeSpringCloud uploadFile.jsp 任意文件上传
- POC spring-expression-oob: Spring Expression Language - Out of Band Template Injection
- POC springboot-admin-unauth: Spring boot Admin unauth
- POC springboot-h2-db-rce: Spring Boot H2 Database RCE
- POC spring-framework-exceptions: Spring Framework Exceptions
- POC exposed-alps-spring: Exposed Spring Data REST Application-Level Profile Semantics (ALPS)
- POC spring-eureka: Spring Eureka Exposure
- POC springboot-autoconfig: Detect Springboot autoconfig Actuator