NOMISEC-m4sk0ff/CVE-2018-11776

NOMISEC WORKING POC

Exploit for CVE-2018-11776 - Apache Struts 2 Namespace Redirect OGNL Injection

AI Analysis

This repository contains a functional PoC for CVE-2018-11776, an Apache Struts2 RCE vulnerability. It uses OGNL injection to disable security restrictions and execute a reverse shell via a crafted HTTP request.

Attack Type

RCE

Complexity

moderate

Reliability

reliable

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1059 - Command and Scripting Interpreter

Loading exploit code...

Download ZIP Password: eip

Source

Platform Nomisec

Type remote

Files 3

https://github.com/m4sk0ff/CVE-2018-11776

Stars 0

Forks 0

Last Push Sep 09, 2025

Authors

m4sk0ff

Vulnerability

CVE-2018-11776

Apache Struts 2 Namespace Redirect OGNL Injection

HIGH KEV

CVSS 8.1