Lucene search
K

34 matches found

GithubExploit
GithubExploit
added 2026/01/04 6:57 p.m.219 views

Exploit for Deserialization of Untrusted Data in Apache Struts

CVE-2017-9805: Apache Struts 2 S2-052 RCE Analizi Bu depo, Ap...

8.1CVSS8.5AI score0.99461EPSS
Exploits23
F5 Networks
F5 Networks
added 2023/02/21 6:47 p.m.500 views

K84144321: Apache Struts vulnerability CVE-2017-9805

Security Advisory Description The REST Plugin in Apache Struts 2.1.2 through 2.3.x before 2.3.34 and 2.5.x before 2.5.13 uses an XStreamHandler with an instance of XStream for deserialization without any type filtering, which can lead to Remote Code Execution when deserializing XML payloads...

8.1CVSS7.9AI score0.99461EPSS
Exploits23
SUSE CVE
SUSE CVE
added 2023/02/15 4:44 a.m.7 views

SUSE CVE-2017-9805

The REST Plugin in Apache Struts 2.1.1 through 2.3.x before 2.3.34 and 2.5.x before 2.5.13 uses an XStreamHandler with an instance of XStream for deserialization without any type filtering, which can lead to Remote Code Execution when deserializing XML payloads...

8.1CVSS9.7AI score0.99461EPSS
Exploits23References3
GithubExploit
GithubExploit
added 2022/10/03 12:15 a.m.11 views

Exploit for Deserialization of Untrusted Data in Apache Struts

CVE-2017-9805 CVE-2017-9805 POC The issue comes fro...

8.1CVSS7.5AI score0.99461EPSS
Exploits23
Openbugbounty
Openbugbounty
added 2020/04/20 4:38 p.m.6 views

ipkeisan.com Cross Site Scripting vulnerability

Open Bug Bounty ID: OBB-1147833 Security Researcher geeknik Helped patch 8815 vulnerabilities Received 8 Coordinated Disclosure badges Received 20 recommendations , a holder of 8 badges for responsible and coordinated disclosure, found a security vulnerability affecting ipkeisan.com website and i...

0.2AI score
Exploits0
OpenVAS
OpenVAS
added 2019/08/28 12:0 a.m.55 views

Apache Struts Security Update (S2-051, S2-052) - Version Check

Apache Struts is prone to multiple vulnerabilities. Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

8.1CVSS8.2AI score0.99461EPSS
Exploits23References10
vulnersOsv
vulnersOsv
added 2018/10/16 7:37 p.m.4 views

org.apache.struts:struts2-assembly (>=2.2.1 <=2.3.33), org.apache.struts:struts2-rest-showcase (>=2.1.2 <=2.3.33) +5 more potentially affected by CVE-2017-9805 via org.apache.struts:struts2-rest-plugin (>=2.1.2 <=2.3.33)

org.apache.struts:struts2-rest-plugin MAVEN version =2.1.2, =2.2.1, =2.1.2, =2.0-RC2.3, =1.0, =1.0.1 - org.meruvian.yama:yama-struts-core =1.0.1 Source cves: CVE-2017-9805 Source advisory: OSV:GHSA-GG9M-FJ3V-R58C...

8.1CVSS7AI score0.99461EPSS
Exploits23
vulnersOsv
vulnersOsv
added 2018/10/16 7:37 p.m.4 views

com.github.a-pz:struts2-thymeleaf3-plugin (>=1.0.3-RELEASE <=1.0.5-RELEASE), com.jgeppert.struts2.bootstrap:struts2-bootstrap-plugin (=2.5.1) +73 more potentially affected by CVE-2017-9804 +1 more via org.apache.struts:struts2-core (>=2.5.1 <=2.5.12)

org.apache.struts:struts2-core MAVEN version =2.5.1, =1.0.3-RELEASE, =0.9.4, =2.5.1, =2.5.1, =2.5.1, =2.5.1, =2.5.1, =2.5.1, =2.5.1, =2.5.1, =2.5.1, =2.5.1, =2.5.12 - org.apache.struts:struts2-java8-support-plugin =2.5.1 and more Source cves: CVE-2017-9804, CVE-2017-9805 Source advisory:...

8.1CVSS7AI score0.99461EPSS
Exploits23
vulnersOsv
vulnersOsv
added 2018/10/16 7:37 p.m.2 views

org.apache.struts:struts2-assembly (>=2.5.1 <=2.5.12), org.apache.struts:struts2-rest-showcase (>=2.5.1 <=2.5.12) potentially affected by CVE-2017-9793 +1 more via org.apache.struts:struts2-rest-plugin (>=2.5.1 <=2.5.12)

org.apache.struts:struts2-rest-plugin MAVEN version =2.5.1, =2.5.1, =2.5.1, =2.5.12 Source cves: CVE-2017-9793, CVE-2017-9805 Source advisory: OSV:GHSA-VWXJ-6M5M-RRVH...

8.1CVSS7AI score0.99461EPSS
Exploits23
vulnersOsv
vulnersOsv
added 2018/10/16 7:36 p.m.3 views

com.github.a-pz:struts2-thymeleaf3-plugin (>=1.0.3-RELEASE <=1.0.5-RELEASE), com.jgeppert.struts2.bootstrap:struts2-bootstrap-plugin (=2.5.1) +71 more potentially affected by CVE-2017-7672 +1 more via org.apache.struts:struts2-core (>=2.5.1 <=2.5.10.1)

org.apache.struts:struts2-core MAVEN version =2.5.1, =1.0.3-RELEASE, =0.9.4, =2.5.1, =2.5.1, =2.5.1, =2.5.1, =2.5.1, =2.5.1, =2.5.1, =2.5.1, =2.5.1, =2.5.1, =2.5.10.1 - org.apache.struts:struts2-java8-support-plugin =2.5.1 and more Source cves: CVE-2017-7672, CVE-2017-9805 Source advisory:...

8.1CVSS7AI score0.99461EPSS
Exploits23
vulnersOsv
vulnersOsv
added 2018/10/16 7:35 p.m.7 views

com.github.a-pz:struts2-thymeleaf3-plugin (>=1.0.3-RELEASE <=1.0.5-RELEASE), com.jgeppert.struts2.bootstrap:struts2-bootstrap-plugin (=2.5.1) +71 more potentially affected by CVE-2017-12611 +1 more via org.apache.struts:struts2-core (>=2.5.1 <=2.5.10.1)

org.apache.struts:struts2-core MAVEN version =2.5.1, =1.0.3-RELEASE, =0.9.4, =2.5.1, =2.5.1, =2.5.1, =2.5.1, =2.5.1, =2.5.1, =2.5.1, =2.5.1, =2.5.1, =2.5.1, =2.5.10.1 - org.apache.struts:struts2-java8-support-plugin =2.5.1 and more Source cves: CVE-2017-12611, CVE-2017-9805 Source advisory:...

9.8CVSS7.1AI score0.99461EPSS
Exploits28
vulnersOsv
vulnersOsv
added 2018/10/16 7:35 p.m.5 views

be.objectify:objectify-struts2-tags (=1.0), br.net.woodstock.rockframework:rockframework-struts2 (>=2.0.0 <=2.0.8) +228 more potentially affected by CVE-2017-12611 +1 more via org.apache.struts:struts2-core (>=2.0.11 <=2.3.33)

org.apache.struts:struts2-core MAVEN version =2.0.11, =2.0.0, =1.2.1, =1.5.3, =1.5.3, =1.2.2, =1.2.2, =1.2.2, =1.2.2, =0.5.9, =1.2.0, =1.2.3 and more Source cves: CVE-2017-12611, CVE-2017-9805 Source advisory: OSV:GHSA-8FX9-5HX8-CRHM...

9.8CVSS7.1AI score0.99461EPSS
Exploits28
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/15 11:48 p.m.56 views

Security Bulletin: IBM OpenPages GRC Platform Web Applications are NOT vulnerable to (CVE-2017-9805 , CVE-2017-9804, CVE-2017-9793)

Summary IBM OpenPages GRC Platform Web Applications are NOT vulnerable to Apache Struts 2 vulnerabilities CVE-2017-9805 , CVE-2017-9804 and CVE-2017-9793 Vulnerability Details For more information on Struts 2 vulnerabilities, please consult Apache Security Bulletins CVE-2017-9805 , CVE-2017-9804...

8.1CVSS3.3AI score0.99461EPSS
Exploits23Affected Software1
NVD
NVD
added 2017/09/15 7:29 p.m.36 views

CVE-2017-9805

The REST Plugin in Apache Struts 2.1.1 through 2.3.x before 2.3.34 and 2.5.x before 2.5.13 uses an XStreamHandler with an instance of XStream for deserialization without any type filtering, which can lead to Remote Code Execution when deserializing XML payloads...

8.1CVSS8.5AI score0.99461EPSS
Exploits23References13
UbuntuCve
UbuntuCve
added 2017/09/15 7:29 p.m.133 views

CVE-2017-9805

The REST Plugin in Apache Struts 2.1.1 through 2.3.x before 2.3.34 and 2.5.x before 2.5.13 uses an XStreamHandler with an instance of XStream for deserialization without any type filtering, which can lead to Remote Code Execution when deserializing XML payloads...

8.1CVSS7AI score0.99461EPSS
Exploits23References3
CVE
CVE
added 2017/09/15 7:0 p.m.1487 views

CVE-2017-9805

CVE-2017-9805 affects the Apache Struts 2 REST plugin. The REST plugin uses an XStreamHandler with an XStream instance to deserialize XML without any type filtering, enabling remote code execution when processing crafted XML payloads. Affected versions are Struts 2.1.1–2.3.x before 2.3.34 and 2.5...

8.1CVSS8.4AI score0.99461EPSS
In wildExploits23References13Affected Software1
Vulnrichment
Vulnrichment
added 2017/09/15 7:0 p.m.8 views

CVE-2017-9805

The REST Plugin in Apache Struts 2.1.1 through 2.3.x before 2.3.34 and 2.5.x before 2.5.13 uses an XStreamHandler with an instance of XStream for deserialization without any type filtering, which can lead to Remote Code Execution when deserializing XML payloads...

8.6AI score0.99461EPSS
Exploits23References12
GithubExploit
GithubExploit
added 2017/09/10 5:26 a.m.10 views

Exploit for Deserialization of Untrusted Data in Apache Struts

apache-struts-pwn - CVE-2017-9805 Exploit ============ An...

8.1CVSS7.7AI score0.99461EPSS
Exploits23
GithubExploit
GithubExploit
added 2017/09/09 1:32 a.m.15 views

Exploit for Deserialization of Untrusted Data in Apache Struts

struts-pwn - CVE-2017-9805 Exploit ============ An exploi...

8.1CVSS7.4AI score0.99461EPSS
Exploits23
Imperva Blog
Imperva Blog
added 2017/09/08 4:10 p.m.1850 views

CVE-2017-9805: Analysis of Apache Struts RCE Vulnerability in REST Plugin

Just two months ago we published an analysis of a critical remote code execution RCE security vulnerability in Apache Struts. Now Apache Struts has published a new version fixing yet another critical RCE vulnerability September 5, 2017. CVE-2017-9805 is a vulnerability in Apache Struts related to...

7.5CVSS1.1AI score0.99461EPSS
Exploits42
Rows per page
Query Builder