Apache Commons Text 1.9 Remote Code Execution Exploit

This Metasploit module exploit takes advantage of the StringSubstitutor interpolator class, which is included in the Commons Text library. A default interpolator allows for string lookups that can lead to remote code execution. This is due to a logic flaw that makes the script, dns and url lookup...

Apache Commons Text RCE

This exploit takes advantage of the StringSubstitutor interpolator class, which is included in the Commons Text library. A default interpolator allows for string lookups that can lead to Remote Code Execution. This is due to a logic flaw that makes the "script", "dns" and "url" lookup keys...

Apache Commons Text 1.9 Remote Code Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Apache Commons Text RCE', 'Description' = %q This exploit takes advantage of the StringSubstitutor interpolator class, which is included in the...

ROS-20230922-01

Vulnerability in the StringSubstitutor component of the Apache Common Text library is related to mismanagement of code generation. code generation. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code...

Exploit for Code Injection in Apache Commons_Text

CVE-2022-42889 aka text4shell PoC for recently discovered vu...

Exploit for Code Injection in Apache Commons_Text

CVE-2022-42889-text4shell 🔥🔥🔥 Apache commons text - CVE-2022-...

Apache Commons Text 1.5.x < 1.10.0 Remote Code Execution (CVE-2022-42889)

The version of Apache Commons Text on the remote host is 1.5.x 1.10.0. It is, therefore, affected by a remote code execution vulnerability due to unsafe script evaluation in the StringSubstitutor default interpolator. Note that Nessus has not tested for these issues but has instead relied only on...