[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"all-banners":3,"SkipToContent_34xgpJIRRkpiT6ls6jE4NHf7VpvQCQBEwi69exi4oT0":4,"FooterNav_JsYsxvLufb1W12aeknKZ89on0MD0bNDTiB5EYxyxmU":11,"vulnerability-2773":17,"FooterSocial_u16tCafBUeGMoDrdLfTINytP2JB5msc6iB3VDUutAoU":48},[],["Island",5],{"key":6,"params":7,"result":9},"SkipToContent_34xgpJIRRkpiT6ls6jE4NHf7VpvQCQBEwi69exi4oT0",{"props":8},"{}",{"head":10},{},["Island",12],{"key":13,"params":14,"result":15},"FooterNav_JsYsxvLufb1W12aeknKZ89on0MD0bNDTiB5EYxyxmU",{"props":8},{"head":16},{},{"id":18,"detectable_with":19,"vuln_details":26,"vuln_id":45,"name":46,"published":47,"updated":27},2773,{"tool":20,"engine":23},{"id":21,"name":22},1,"Network Scanner",{"id":24,"name":25},2,"Nuclei",{"id":18,"codename":27,"description":27,"severity":28,"risk_description":29,"public_description":30,"public_recommendation":31,"recommendation":27,"references":32,"cvssv3":38,"epss_score":39,"epss_percentile":40,"cve":41,"in_cisa_catalog":43,"date":44,"software_type":27,"vendor":27,"product":27,"ptt_exploit_capabilities":27},null,"critical","Successful exploitation of this vulnerability could lead to remote code execution, compromising the confidentiality, integrity, and availability of the affected system.","Applications using Spring Cloud Gateway prior to 3.1.1+ and 3.0.7+ are vulnerable to a code injection attack when the Gateway Actuator endpoint is enabled, exposed and unsecured. A remote attacker could make a maliciously crafted request that could allow arbitrary remote execution on the remote host.","Apply the latest security patches provided by the vendor and ensure proper input validation to prevent code injection attacks.",[33,34,35,36,37],"https://nvd.nist.gov/vuln/detail/CVE-2022-22947","https://wya.pl/2022/02/26/cve-2022-22947-spel-casting-and-evil-beans/","https://github.com/wdahlenburg/spring-gateway-demo","https://spring.io/blog/2022/03/01/spring-cloud-gateway-cve-reports-published","https://tanzu.vmware.com/security/cve-2022-22947",10,0.94461,0.99994,[42],"CVE-2022-22947",true,"2022-03-03T00:00:00Z","NETSCAN-NUCLEI-CVE-CVE-2022-22947","Spring Cloud Gateway Code Injection","2023-07-04T00:00:00Z",["Island",49],{"key":50,"params":51,"result":53},"FooterSocial_u16tCafBUeGMoDrdLfTINytP2JB5msc6iB3VDUutAoU",{"props":52},"{\"text-color\":\"gray\"}",{"head":54},{}]