Apache Struts2 Gui exploit

2017.03.11
Risk: High
Local: No
Remote: Yes
CWE: N/A


CVSS Base Score: 10/10
Impact Subscore: 10/10
Exploitability Subscore: 10/10
Exploit range: Remote
Attack complexity: Low
Authentication: No required
Confidentiality impact: Complete
Integrity impact: Complete
Availability impact: Complete

Apache Struts remote shell Apache Struts gui exploit by Actionspider actionspider@gmail.com Affected versions: 2.3.5 – 2.3.31 2.5 – 2.5.10 uid=108(tomcat7) gid=114(tomcat7) groups=114(tomcat7) ##################(new line)################### Linux ip-172-31-39-216 4.4.0-34-generic #53-Ubuntu SMP Wed Jul 27 16:06:39 UTC 2016 x86_64 x86_64 x86_64 GNU/Linux ##################(new line)################### exploit: http://www.megafileupload.com/1qdnc/apache-Struts2.zip https://ufile.io/a4538 http://s000.tinyupload.com/?file_id=07130670949154550806 youtube: https://www.youtube.com/watch?v=dOuEKmq41lw

References:

http://www.megafileupload.com/1qdnc/apache-Struts2.zip
https://ufile.io/a4538
http://s000.tinyupload.com/?file_id=07130670949154550806
https://www.youtube.com/watch?v=dOuEKmq41lw


Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}

Copyright 2018, cxsecurity.com

 

Back to Top