Lucene search
K

96 matches found

OpenVAS
OpenVAS
added 2020/06/05 12:0 a.m.97 views

Huawei Data Communication: Apache Struts2 RCE Vulnerability in Huawei Products (huawei-sa-20170316-01-struts2)

Apache Struts2 released a remote code execution RCE vulnerability in S2-045 on the official website. This VT has been deprecated and is therefore no longer functional. SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright ...

10CVSS10AI score0.99999EPSS
Exploits44References3
OpenVAS
OpenVAS
added 2020/05/26 12:0 a.m.50 views

Huawei Data Communication: RCE Vulnerability in Jackson JSON library of Apache Struts2 (huawei-sa-20180228-01-struts)

Apache Struts2 released a remote code execution RCE vulnerability in S2-055 on the official website. This VT has been deprecated and is therefore no longer functional. SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright ...

9.8CVSS9.6AI score0.37925EPSS
Exploits7References1
NVD
NVD
added 2019/12/05 9:15 p.m.24 views

CVE-2012-1592

A local code execution issue exists in Apache Struts2 when processing malformed XSLT files, which could let a malicious user upload and execute arbitrary files...

8.8CVSS8.9AI score0.2855EPSS
Exploits0References7
UbuntuCve
UbuntuCve
added 2019/12/05 9:15 p.m.18 views

CVE-2012-1592

A local code execution issue exists in Apache Struts2 when processing malformed XSLT files, which could let a malicious user upload and execute arbitrary files...

8.8CVSS7.6AI score0.2855EPSS
Exploits0References2
Prion
Prion
added 2019/12/05 9:15 p.m.18 views

Remote code execution

A local code execution issue exists in Apache Struts2 when processing malformed XSLT files, which could let a malicious user upload and execute arbitrary files...

6.5CVSS7.9AI score0.2855EPSS
Exploits0References7Affected Software1
Cvelist
Cvelist
added 2019/12/05 8:57 p.m.28 views

CVE-2012-1592

A local code execution issue exists in Apache Struts2 when processing malformed XSLT files, which could let a malicious user upload and execute arbitrary files...

8.9AI score0.2855EPSS
Exploits0References7
CVE
CVE
added 2019/12/05 8:57 p.m.87 views

CVE-2012-1592

Apache Struts2 is affected by a local code execution vulnerability involving processing malformed XSLT files. The issue affects Struts2 versions prior to 2.5.22 and can allow a malicious user to upload and execute arbitrary files on the server. A fix exists with Struts 2.5.22 or later; advisory e...

8.8CVSS8.8AI score0.2855EPSS
Exploits0References7Affected Software1
GithubExploit
GithubExploit
added 2018/08/24 3:1 a.m.14 views

Exploit for CVE-2018-11776

CVE-2018-11776 On August 23, 2018, Apache Struts2 released a...

9.3CVSS7.9AI score0.99993EPSS
Exploits41
GithubExploit
GithubExploit
added 2018/08/24 3:1 a.m.4 views

Exploit for CVE-2018-11776

CVE-2018-11776 On August 23, 2018, Apache Struts2 released a...

9.3CVSS7.9AI score0.99993EPSS
Exploits41
GithubExploit
GithubExploit
added 2018/08/24 3:1 a.m.28 views

Exploit for CVE-2018-11776

CVE-2018-11776 On August 23, 2018, Apache Struts2 released a...

9.3CVSS7.9AI score0.99993EPSS
Exploits41
myhack58
myhack58
added 2018/08/23 12:0 a.m.850 views

Apache Struts2 S2-057 vulnerability analysis and early warning-vulnerability warning-the black bar safety net

It is possible to perform a RCE attack when the namespace value isn't set for a result defined in underlying xml configurations and in the same time, its upper actions configurations have no or wildcard namespace. The Same possibility when using the url tag which doesn't have value and action set...

2.8AI score0.99993EPSS
Exploits41
myhack58
myhack58
added 2018/07/10 12:0 a.m.753 views

Apache Struts2 high-risk vulnerabilities cause the Enterprise Server is the invasion mounted KoiMiner mining Trojan-vulnerability warning-the black bar safety net

0×1 Overview Many business websites use the Apache open source project to build a http server, which is most of the use of the Apache sub-project of Struts in. But since the Apache Struts2 Product code there are more risks, beginning in 2007, Struts2 will frequently broke multiple high-risk...

10CVSS0.4AI score0.99999EPSS
Exploits44
myhack58
myhack58
added 2018/05/17 12:0 a.m.138 views

How to use Struts2 vulnerabilities to bypass firewall get Root permissions-bug warning-the black bar safety net

This article I want to share is about the Apache struts2 CVE-2013–2251 vulnerability, since the vulnerability can lead to remote code execution, had once been widely abused. The vulnerability principle is that, by manipulating the prefix“action:”/”redirect:”/”redirectAction:”parameter in the Stru...

0.99998EPSS
Exploits18
Check Point Advisories
Check Point Advisories
added 2018/04/11 12:0 a.m.11 views

Apache Struts2 REST Plugin XStream DoS (CVE-2017-9793) - Ver2

A vulnerability exists in Apache. Successful exploitation of this vulnerability could allow a remote attacker to damage users system...

5CVSS5.1AI score0.0902EPSS
Exploits0
seebug.org
seebug.org
added 2018/03/27 12:0 a.m.78 views

Apache Struts2 S2-056(CVE-2018-1327)

Summary A crafted XML request can be used to perform a DoS attack when using the Struts REST plugin | | | | :------------ | :------------ | | Who should read this | All Struts 2 developers and users which are using the REST plugin | | Impact of vulnerability | A DoS attack is possible when using...

7.7AI score0.09224EPSS
Exploits1
Huawei
Huawei
added 2018/02/28 12:0 a.m.79 views

Security Advisory - Remote Code Execution Vulnerability in Jackson JSON library of Apache Struts2

Apache Struts2 released a remote code execution vulnerability in S2-055 on the official website. An attacker is possible to perform a Remote Code Execution RCE attack with a malicious JSON packet. Vulnerability ID: HWPSIRT-2017-12002 This vulnerability has been assigned a Common Vulnerabilities a...

9.8CVSS9.4AI score0.37925EPSS
Exploits7Affected Software4
Kitploit
Kitploit
added 2017/12/18 9:12 p.m.2088 views

JexBoss - JBoss (and others Java Deserialization Vulnerabilities) verify and EXploitation Tool

JexBoss is a tool for testing and exploiting vulnerabilities in JBoss Application Server and others Java Platforms, Frameworks, Applications, etc. Requirements Python = 2.7.x urllib3 ipaddress Installation on Linux\Mac To install the latest version of JexBoss, please use the following commands: g...

9.8CVSS10AI score0.99999EPSS
Exploits45References3
Check Point Advisories
Check Point Advisories
added 2017/12/05 12:0 a.m.8 views

Apache Struts2 Jackson Library Remote Code Execution (CVE-2017-15095; CVE-2017-17485; CVE-2017-7525; CVE-2018-7489)

Vulnerability exists in Jackson data-bind library. This vulnerability is due to deserialization of untrusted data. A successful exploitation of this issue could allow an attacker to execute arbitrary code on the remote system...

7.5CVSS6.6AI score0.49727EPSS
Exploits7
0day.today
0day.today
added 2017/12/02 12:0 a.m.143 views

Apache Struts2 S2-055 DoS Vulnerability

Exploit for multiple platform in category dos / poc Summary Vulnerability in the Jackson JSON library Who should read this All Struts 2 developers and users which are using the REST plugin Impact of vulnerability Not clear, please read the linked issue for more details...

7.5CVSS9.4AI score0.37925EPSS
Exploits7
0day.today
0day.today
added 2017/12/02 12:0 a.m.55 views

Apache Struts2 S2-054 DoS Vulnerability

Exploit for multiple platform in category dos / poc Summary A crafted JSON request can be used to perform a DoS attack when using the Struts REST plugin Who should read this All Struts 2 developers and users which are using the REST plugin Impact of vulnerability A DoS attack is possible when usi...

5CVSS6.6AI score0.04889EPSS
Exploits2
Rows per page
Query Builder