Spring: It isn't just about Spring4Shell. Spring Cloud Function Vulnerabilities are being probed too., (Mon, Apr 11th)

This post was originally published on this site

Our "First Seen URL" page did show attempts to access /actuator/gateway/routes this weekend. So I dug in a bit deeper to see what these scans are all about. The scans originate from %%ip: and have been going on for a few days already, but our first-seen list doesn't display them until they hit a threshold to consider the scans significant. We also see scans from a couple of our IPs, but at a much lower level.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.