NOMISEC-arlyone/Apache-Struts-0Day-Exploit

NOMISEC WORKING POC

Exploit for CVE-2018-11776 - Apache Struts 2 Namespace Redirect OGNL Injection

AI Analysis

This is a functional exploit for CVE-2018-11776, a remote code execution vulnerability in Apache Struts. It leverages OGNL injection to execute arbitrary commands on the target system.

Attack Type

RCE

Complexity

moderate

Reliability

reliable

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1059 - Command and Scripting Interpreter

Loading exploit code...

Download ZIP Password: eip

Source

Platform Nomisec

Type poc

Files 3

https://github.com/arlyone/Apache-Struts-0Day-Exploit

Stars 15

Forks 5

Last Push Jul 30, 2020

Authors

arlyone Arun Bhandari LightCoder

Vulnerability

CVE-2018-11776

Apache Struts 2 Namespace Redirect OGNL Injection

HIGH KEV

CVSS 8.1