CVE-2016-1000031

CRITICAL

Apache Commons FileUpload <1.3.3 - RCE


Exploitation Summary

EIP tracks 2 public exploits for CVE-2016-1000031. PoCs published by dawetmaster and andikahilmy.

AI-analyzed exploit summary: This repository contains the vulnerable source code of Apache Commons FileUpload (CVE-2016-1000031), which is a deserialization vulnerability. The code includes the deprecated `DefaultFileItem` and `DefaultFileItemFactory` classes, which are part of the vulnerable implementation.

Description

Apache Commons FileUpload before 1.3.3 DiskFileItem File Manipulation Remote Code Execution

Exploits (2)

Source: nomisec · Working PoC
by dawetmaster · poc
https://github.com/dawetmaster/CVE-2016-1000031-commons-fileupload-vulnerable

This repository contains the vulnerable source code of Apache Commons FileUpload (CVE-2016-1000031), which is a deserialization vulnerability. The code includes the deprecated `DefaultFileItem` and `DefaultFileItemFactory` classes, which are part of the vulnerable implementation.

Classification: Working PoC (90%)
Attack Type: Deserialization
Complexity: Moderate
Reliability: Reliable
Target: Apache Commons FileUpload (versions before 1.3.3)
No auth needed
Prerequisites: Vulnerable version of Apache Commons FileUpload · Ability to send crafted serialized data to the target application
devstral-2 · analyzed Mar 14, 2026
Source: nomisec · Working PoC
by andikahilmy · poc
https://github.com/andikahilmy/CVE-2016-1000031-commons-fileupload-vulnerable

This repository contains the vulnerable source code of Apache Commons FileUpload (CVE-2016-1000031), specifically the deprecated `DefaultFileItem` and `DefaultFileItemFactory` classes. The vulnerability involves improper handling of file uploads, potentially leading to denial-of-service (DoS) or other exploits.

Classification: Working PoC (90%)
Attack Type: DoS
Complexity: Moderate
Reliability: Reliable
Target: Apache Commons FileUpload (versions before 1.3.3)
No auth needed
Prerequisites: Target application using vulnerable Apache Commons FileUpload library
devstral-2 · analyzed Feb 18, 2026

References (24)

Core References (24)

- http://www.securityfocus.com/bid/93604 (Third Party Advisory, VDB Entry; vdb-entry, x_refsource_bid)
- https://security.netapp.com/advisory/ntap-20190212-0001/ (Vendor Advisory; x_refsource_confirm)
- https://issues.apache.org/jira/browse/WW-4812 (Various Sources; x_refsource_confirm)
- http://www.zerodayinitiative.com/advisories/ZDI-16-570/ (Third Party Advisory, VDB Entry; x_refsource_misc)
- https://www.tenable.com/security/research/tra-2016-30 (Third Party Advisory; x_refsource_misc)
- https://www.tenable.com/security/research/tra-2016-12 (Third Party Advisory; x_refsource_misc)
- https://issues.apache.org/jira/browse/FILEUPLOAD-279 (Vendor Advisory; x_refsource_confirm)
- https://www.tenable.com/security/research/tra-2016-23 (Third Party Advisory; x_refsource_misc)

Scores

CVSS v3: 9.8
EPSS: 0.5643
EPSS Percentile: 98.2%
Attack Vector: NETWORK
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE: CWE-284
Status: published
Products (2):
- apache/commons_fileupload < 1.3.2
- commons-fileupload/commons-fileupload 0 - 1.3.3 (Maven)
Published: Oct 25, 2016
Tracked Since: Feb 18, 2026