CVE-2012-0393

Apache Struts <2.3.1.1 - Code Injection

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2012-0393. PoCs published by SEC Consult.

AI-analyzed exploit summary: The exploit demonstrates multiple critical vulnerabilities in Apache Struts2, including remote command execution via ExceptionDelegator, CookieInterceptor, and DebuggingInterceptor, as well as arbitrary file overwrite via ParametersInterceptor. These vulnerabilities arise from OGNL expression injection and improper parameter filtering.

Description

The ParameterInterceptor component in Apache Struts before 2.3.1.1 does not prevent access to public constructors, which allows remote attackers to create or overwrite arbitrary files via a crafted parameter that triggers the creation of a Java object.

Exploits (1)

exploitdb · Working PoC · Verified
by SEC Consult · text · webapps · multiple
https://www.exploit-db.com/exploits/18329

Classification: Working PoC 100%
Attack Type: RCE
Complexity: Moderate
Reliability: Reliable
Target: Apache Struts2 (2.3.1 and below)
No auth needed
Prerequisites: Target application using vulnerable Struts2 version · Access to crafted HTTP requests or headers
devstral-2 · analyzed Feb 16, 2026

References (6)

Core References
Exploit, Third Party Advisory exploit x_refsource_exploit-db
http://www.exploit-db.com/exploits/18329
Exploit, Third Party Advisory mailing-list x_refsource_bugtraq
http://archives.neohapsis.com/archives/bugtraq/2012-01/0031.html
Vendor Advisory x_refsource_confirm
http://struts.apache.org/2.x/docs/version-notes-2311.html
Vendor Advisory x_refsource_confirm
http://struts.apache.org/2.x/docs/s2-008.html
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/47393

Scores

EPSS 0.7363
EPSS Percentile 98.8%

Details

CWE: CWE-264
Status: published
Products (3)
apache/struts 2.1.0 - 2.3.1.1
org.apache.struts/struts2-core 0 - 2.3.1.1 (Maven)
org.apache.struts.xwork/xwork-core 0 - 2.2.3.1 (Maven)
Published: Jan 08, 2012
Tracked Since: Feb 18, 2026