Decrypt LOL

Get Cyber-Smart in Just 5 Minutes a Week

Decrypt delivers quick and insightful updates on cybersecurity. No spam, no data sharing—just the info you need to stay secure.


Vulnerability Discovered in Spring Boot Applications


🧩 Exploiting Server-Side Template Injection in Spring Boot Applications. A recent penetration test revealed a vulnerability in a Spring Boot application, allowing unauthenticated Remote Code Execution (RCE) through Server-Side Template Injection (SSTI) via the Thymeleaf templating engine. The exploit was made possible by a flaw in how user headers were reflected in templates, which led to a double evaluation scenario. Despite defenses in newer Spring Boot versions, the testing team successfully bypassed these protections using Java reflection to access and execute methods on arbitrary classes. The final exploit involved writing to an intermediate file to return command results, highlighting the complexity of modern application security and the need for ongoing vigilance against such vulnerabilities.
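The header-reflection pattern the summary describes, shown as an added example that is not from the source writeup or the tested application: how that application was actually built is not stated, so the vulnerable shape below (a request header concatenated into the template source) and all names are assumptions; the hardened form passes the header as a context variable rendered with th:text, which is the change that removes the evaluation path.

```java
import org.thymeleaf.TemplateEngine;
import org.thymeleaf.context.Context;
import org.thymeleaf.templatemode.TemplateMode;
import org.thymeleaf.templateresolver.StringTemplateResolver;

// Added example (not from the source writeup). The User-Agent header is the
// assumed reflected value; a real controller would read it from the request.
public class HeaderRendering {

    private static TemplateEngine engine() {
        StringTemplateResolver resolver = new StringTemplateResolver();
        resolver.setTemplateMode(TemplateMode.HTML);
        TemplateEngine engine = new TemplateEngine();
        engine.setTemplateResolver(resolver);
        return engine;
    }

    // VULNERABLE shape: the header becomes part of the template *source*, so any
    // Thymeleaf expression syntax it contains is parsed and evaluated by the
    // engine instead of being treated as data. This is the "user input reaches
    // template evaluation" root cause behind the finding in the summary.
    static String renderUnsafe(String userAgent) {
        String templateSource = "<p>Welcome, " + userAgent + "</p>";
        return engine().process(templateSource, new Context());
    }

    // HARDENED shape: the template is a fixed string under developer control and
    // the header is supplied as a context variable. th:text HTML-escapes the value
    // and never re-parses it as an expression, so no second evaluation can occur.
    static String renderSafe(String userAgent) {
        Context ctx = new Context();
        ctx.setVariable("ua", userAgent);
        String templateSource = "<p>Welcome, <span th:text=\"${ua}\"></span></p>";
        return engine().process(templateSource, ctx);
    }

    public static void main(String[] args) {
        // Constructed, benign probe: expression-looking text, not a payload.
        String header = "Mozilla/5.0 [[${1 + 1}]]";
        System.out.println("unsafe: " + renderUnsafe(header)); // inlined expression is evaluated
        System.out.println("safe:   " + renderSafe(header));   // rendered as escaped literal text
    }
}
```

A useful code-review check is to grep for any call to `TemplateEngine.process` or view-name construction whose first argument is built from request data; the fixed form always passes a constant template name or source.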
