■■■■■ Zero-Day / Spring4Shell: Security Analysis of the latest Java RCE ‘0-day’ vulnerabilities in Spring.
Unauthenticated Remote Code Execution via injection (class) and insecure Java Deserialization exploitable via crafted HTTP-POST request.
https://www.lunasec.io/docs/blog/spring-rce-vulnerabilities/
https://t.me/cKure/11091