Port 22

Unpatched Java Spring Framework 0-Day RCE Bug Threatens Enterprise Web Apps Security

A zero-day remote code execution (RCE) vulnerability has come to light in the Spring framework shortly after a Chinese security researcherbriefly leakedaproof-of-concept(PoC)exploiton GitHub before deleting their account. According to cybersecurity firm Praetorian, the unpatched flaw impacts Spring Core on Java Development Kit (JDK) versions 9 and later and is a bypass for another