
image credit: adobe stock
It’s been almost a week since the Spring4Shell vulnerability (CVE-2022-22965) came to light and since the Spring development team fixed it in new versions of the Spring Framework.
There have been reports of scanning, exploit attempts and attempts to deploy a web shell on vulnerable systems, but it seems that a successful exploitation has yet to be documented.