4

🆘 江湖救急 被 CVE-2022-22947 攻击了

 2 years ago
source link: https://www.v2ex.com/t/838031
Go to the source link to view the article. You can view the picture content, updated content and better typesetting reading experience. If the link is broken, please click the button below to view the snapshot at that time.

V2EX  ›  Java

🆘 江湖救急 被 CVE-2022-22947 攻击了

  Hug125 · 1 天前 · 3467 次点击

spring-cloud-gateway 服务被攻击,启动加载路由配置的时候报错

GatewayRouteConf(filters=[{"args":{"name":"Result","value":"#{new java.lang.String(T(org.springframework.util.StreamUtils).copyToByteArray(T(java.lang.Runtime).getRuntime().exec(\"bash -c {echo,d2hvYW1p}|{base64,-d}|{bash,-i}\").getInputStream()))}"},"name":"AddResponseHeader"}], predicates=[], order=null, uri=http://aaaa.aa, serviceId=ee, valid=1)
2022-03-04 17:30:16.725  INFO [rich-gateway,,,] 12586 --- [           main] ConditionEvaluationReportLoggingListener : 

exec(\"bash -c {echo,d2hvYW1p}|{base64,-d}|{bash,-i}\").getInputStream()))}"}

目前除了升级 gateway 版本有没有什么办法能把服务启动起来 生产环境已经挂了 2 个小时了

第 1 条附言  ·  1 天前

目前恢复服务了,被人把东西写到 redis 里了。
目前在 nginx 里拦截了所有带 actuator 的请求。

report

Recommend

About Joyk


Aggregate valuable and interesting links.
Joyk means Joy of geeK