Exploit for Unrestricted Upload of File with Dangerous Type in Apache Struts

🗓️ 15 Oct 2025 16:02:15Reported by seoyoung-kangType

githubexploit

githubexploit🔗 github.com👁 112 Views

PoC for CVE-2024-53677 enabling remote code execution in Apache Struts via file upload.

Reporter	Title	Published	Views	Family All 52
IBM Security Bulletins	Security Bulletin: Remediation of Multiple Apache Struts 2.5.33 Vulnerabilities in IBM Library Support for Struts.	16 Jan 202609:11	–	ibm
IBM Security Bulletins	Security Bulletin: Vulnerability in Apache Struts library affect Tivoli Netcool/OMNIbus WebGUI (CVE-2024-53677)	28 Jan 202521:51	–	ibm
IBM Security Bulletins	Security Bulletin: IBM QRadar SIEM contains multiple vulnerabilities	26 Mar 202504:11	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Guardium Data Protection is affected by multiple vulnerabilities (CVE-2024-53677, CVE-2025-23184)	19 Jun 202505:35	–	ibm
GithubExploit	Exploit for Unrestricted Upload of File with Dangerous Type in Apache Struts	13 Dec 202417:42	–	githubexploit
GithubExploit	Exploit for Unrestricted Upload of File with Dangerous Type in Apache Struts	18 Dec 202418:42	–	githubexploit
GithubExploit	Exploit for CVE-2024-53667	22 May 202607:20	–	githubexploit
GithubExploit	Exploit for Unrestricted Upload of File with Dangerous Type in Apache Struts	18 Dec 202402:03	–	githubexploit
GithubExploit	Exploit for Unrestricted Upload of File with Dangerous Type in Apache Struts	8 Jan 202519:36	–	githubexploit
GithubExploit	Exploit for Unrestricted Upload of File with Dangerous Type in Apache Struts	1 Sep 202513:17	–	githubexploit

15 Oct 2025 16:02Current

8.1High risk

Vulners AI Score8.1

CVSS 3.19.8

CVSS 49.5

EPSS0.78198

SSVC

Apache Struts Remote code execution Unrestricted file upload Path traversal Tomcat server Web application