CVE-2017-9791

This repository provides a detailed writeup and references for CVE-2017-9791 (S2-048), a remote code execution vulnerability in Apache Struts2. It includes links to external PoCs and technical analyses but does not contain direct exploit code.

This is a functional exploit for CVE-2017-9791, a remote code execution vulnerability in Apache Struts2. It leverages OGNL injection to execute arbitrary commands on the target system.

This repository provides a detailed writeup and references for CVE-2017-9791 (S2-048), a remote code execution vulnerability in Apache Struts2. It includes links to functional PoCs and technical analyses but does not contain exploit code itself.

This repository contains a Python script and README demonstrating an OGNL injection exploit for CVE-2017-9791 (Struts2 S2-048). The PoC executes arbitrary commands via a crafted Content-Type header, leveraging Struts2's OGNL evaluation to achieve RCE.

This repository contains a functional Perl exploit for CVE-2017-9791, targeting Apache Struts 2.3.x via OGNL injection in the Struts 1 plugin. The exploit sends a crafted POST request to execute arbitrary commands on the target system.

This is a Metasploit module for CVE-2017-9791, a remote code execution vulnerability in Apache Struts 2.3.x via OGNL injection in the Struts 1 plugin showcase app. The exploit sends a malicious POST request to execute arbitrary commands on the target system.

This repository contains a functional Perl exploit for CVE-2017-9791, targeting Apache Struts 2.3.x via OGNL injection in the Struts 1 plugin. The exploit sends a crafted POST request to execute arbitrary commands on the target system.

This Metasploit module exploits CVE-2017-9791, a remote code execution vulnerability in Apache Struts 2.3.x via OGNL injection in the Struts 1 plugin showcase. It sends a malicious HTTP POST request with an OGNL payload to execute arbitrary commands on the target system.

This exploit leverages CVE-2017-9791 (Apache Struts2 S2-048) by crafting an OGNL expression payload to execute arbitrary commands via Runtime.exec(). The payload bypasses security restrictions by manipulating OGNL context and clearing excluded classes/packages.

This Metasploit module exploits CVE-2017-9791, a remote code execution vulnerability in Apache Struts 2.3.x via OGNL injection in the Struts 1 plugin showcase. It sends a malicious POST request to execute arbitrary commands on the target system.