Exploit for Apache Struts2 S2-052 - Remote Code Execution (CVE-2017-9805)

Description:

The REST Plugin in Apache Struts 2.1.1 through 2.3.x before 2.3.34 and 2.5.x before 2.5.13 uses an XStreamHandler with an instance of XStream for deserialization without any type of filtering, which can lead to remote code execution when deserializing XML payloads.
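
The version ranges above can be checked against the jars actually deployed. The script below is an added example, not part of the original page or of the Nuclei template; it assumes the plugin keeps its Maven file name `struts2-rest-plugin-<version>.jar`, and the function names are hypothetical.

```shell
# Added example: flag Struts REST plugin jars whose version falls in the
# ranges quoted in the description (>= 2.1.1 and < 2.3.34, or 2.5.x < 2.5.13).
# Assumption: jars keep the Maven file name struts2-rest-plugin-<version>.jar.

# ver_lt A B: succeeds when dotted numeric version A sorts strictly before B.
ver_lt() {
  va=$1 vb=$2
  while [ -n "$va" ] || [ -n "$vb" ]; do
    xa=${va%%.*} xb=${vb%%.*}
    [ "${xa:-0}" -lt "${xb:-0}" ] && return 0
    [ "${xa:-0}" -gt "${xb:-0}" ] && return 1
    case $va in *.*) va=${va#*.} ;; *) va= ;; esac
    case $vb in *.*) vb=${vb#*.} ;; *) vb= ;; esac
  done
  return 1
}

# struts_rest_status VERSION: prints affected, not-listed (outside the ranges on this page) or unknown.
struts_rest_status() {
  case $1 in
    '' | *[!0-9.]* | .* | *. | *..*) echo unknown; return 0 ;;
  esac
  if ! ver_lt "$1" 2.1.1 && ver_lt "$1" 2.3.34; then echo affected
  elif ! ver_lt "$1" 2.5 && ver_lt "$1" 2.5.13; then echo affected
  else echo not-listed
  fi
}

# scan_dir DIR: prints "<status> <version> <path>" per REST plugin jar found.
scan_dir() {
  find "$1" -type f -name 'struts2-rest-plugin-*.jar' | while IFS= read -r jar; do
    ver=${jar##*/struts2-rest-plugin-}; ver=${ver%.jar}
    printf '%s %s %s\n' "$(struts_rest_status "$ver")" "$ver" "$jar"
  done
}

if [ $# -gt 0 ]; then
  scan_dir "$1"
else
  # Constructed demo tree: empty files named like plugin jars.
  demo=$(mktemp -d)
  mkdir -p "$demo/app/WEB-INF/lib"
  for dv in 2.3.33 2.3.34 2.5.12 2.5.13; do
    : > "$demo/app/WEB-INF/lib/struts2-rest-plugin-$dv.jar"
  done
  scan_dir "$demo" | sort
  rm -rf "$demo"
fi
```

Pass a deployment directory as the first argument to scan it; versions with a suffix such as `-SNAPSHOT` are reported as `unknown` and need a manual look.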

Nuclei Template

View the template here: CVE-2017-9805.yaml

Validate with Nuclei

echo "$URL" | nuclei -t ~/nuclei-templates/http/cves/2017/CVE-2017-9805.yaml

References:

https://struts.apache.org/docs/s2-052.html
http://www.oracle.com/technetwork/security-advisory/alert-cve-2017-9805-3889403.html
https://blogs.apache.org/foundation/entry/apache-struts-statement-on-equifax
http://www.securitytracker.com/id/1039263
https://nvd.nist.gov/vuln/detail/CVE-2017-9805