by vicarius
log in join community
by @jakaba
14 Dec 2023
#novel_exploit_analysis

An exploitation of a CVE vulnerability that has no prior exploit

publish

Apache Struts RCE (CVE-2023-50164) - PoC + exploit

by @jakaba
by @jakaba
14 Dec 2023
#novel_exploit_analysis

An exploitation of a CVE vulnerability that has no prior exploit

publish

Apache Struts RCE (CVE-2023-50164) - PoC + exploit

OS

Debian Linux
Debian LinuxDebian
22.04.*
2.5.3-3.*
2.5.3-16.*
2.5.2-1.*
*.*
2.1.8.8.p3-1.1.*
10.10.*
3.0.23.*
12.4.*
3.0.18.*

Apps

S
StrutsApache
2.1.2 Beta.*
*.*
2.5.14.1.*
2.3.12.0.*
2.5.10.1.*
2.3.20.2.*
2.3.24.2.*
2.3.24.1.*
2.3.20.3.*
6.7.4.*

PoC video

Summary

A critical security vulnerability, identified as CVE-2023-50164 (CVE: 9.8) was found in Apache Struts, allowing attackers to manipulate file upload parameters that can potentially lead to unauthorized path traversal and remote code execution (RCE).

general

Description

Tags

#RCE#exposed_to_RCE_attack#APACHE#path_traversal#trending#file_upload#Struts
users/photos/clj8b3h1k16g10uoihwvzgsxi.png

@jakaba

74 posts

Total vcoins

0

Social media links

Comments (1)