Lucene search
RootSSV:60836HistoryJun 11, 2013 - 12:00 a.m.
Apache Struts OGNL表达式注入漏洞(CVE-2013-2134)
2013-06-1100:00:00
Root
www.seebug.org
67
0.968 High
EPSS
Percentile
99.6%
BUGTRAQ ID: 60346
CVE(CAN) ID: CVE-2013-2134
Struts2 是第二代基于Model-View-Controller (MVC)模型的java企业级web应用框架。它是WebWork和Struts社区合并后的产物。
Apache Struts 2.0.0-2.3.14.3存在远程OGNL表达式注入漏洞,远程攻击者可利用此漏洞操作服务器端对象并在受影响应用上下文中执行任意命令。此漏洞源于通配符匹配错误。
0
Apache Group Struts 2.x
厂商补丁:
Apache Group
Apache Group已经为此发布了一个安全公告(s2-015)以及相应补丁:
s2-015:S2-015
链接:http://struts.apache.org/development/2.x/docs/s2-015.html
http://www.example.com/example/%24%7B%23foo%3D%27Menu%27%2C%23foo%7D
http://www.example.com/example/${#foo='Menu',#foo}
Related
checkpoint_advisories
checkpoint_advisories
Apache Struts Wildcard Matching OGNL Code Execution (CVE-2013-2134)
2013-08-20 00:00:00
prion
prion
Code injection
2013-07-16 18:55:00
cve
cve
CVE-2013-2134
2013-07-16 18:55:00
nessus
nessus
Apache Struts 2 OGNL Expression Handling Double Evaluation Error Remote Command Execution
2013-06-19 00:00:00
Apache Struts 2.x < 2.3.14.3 RCE (S2-015)
2018-09-10 00:00:00
GLSA-201409-04 : MySQL: Multiple vulnerabilities
2014-09-05 00:00:00
github
github
Arbitrary code execution in Apache Struts 2
2022-05-14 01:57:02
osv
osv
Arbitrary code execution in Apache Struts 2
2022-05-14 01:57:02
ubuntucve
ubuntucve
CVE-2013-2134
2013-07-16 00:00:00
openvas
openvas
Apache Struts Security Update (S2-012, S2-015) - Version Check
2021-09-14 00:00:00
Gentoo Security Advisory GLSA 201409-04
2015-09-29 00:00:00
f5
f5
huawei
huawei
Security Advisory-Multiple Apache Struts2 Vulnerabilities in Huawei Products
2013-07-30 00:00:00
wallarmlab
wallarmlab
New Struts2 Remote Code Execution exploit caught in the wild
2017-03-09 00:15:54
gentoo
gentoo
MySQL: Multiple vulnerabilities
2014-09-04 00:00:00
kitploit
kitploit
Vulmap - Web Vulnerability Scanning And Verification Tools
2020-12-25 11:30:00
oracle
oracle
Oracle Critical Patch Update - October 2013
2013-10-15 00:00:00
Oracle Critical Patch Update - January 2014
2014-01-14 00:00:00