What is /actuator/gateway/routes?
Created
17th August 2023
Updated
18th August 2023
This URI request is related to scanners looking for CVE-2022-22947 which is an exploit in the Spring Cloud Gateway, which is a library for building an API within the Spring framework.
The vulnerability was patched by VMWare in March 2021.
References
- Viettel Cyber Security. (2022). CVE-2022-22947: Spring Cloud Gateway Code Injection Vulnerability. Retrieved August 15, 2023, from https://blog.viettelcybersecurity.com/cve-2022-22947-spring-cloud-gateway-code-injection-vulnerability/
- Carlos E. Vieira. (2021). Spring Cloud Gateway 3.1.0 - Remote Code Execution (RCE). Exploit Database. Retrieved August 15, 2023, from https://www.exploit-db.com/exploits/50799