Exploit for #VU88567 Security features bypass in Apache Struts
Vulnerability identifier: #VU88567
Vulnerability risk: Medium
CVSSv3.1: 4.9 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:F/RL:O/RC:C]
CVE-ID:
CWE-ID:
CWE-254
Exploitation vector: Network
Exploits in database: 3
- April 16, 2024
- Apache Struts < 2.2.0 - Remote Command Execution (Metasploit) [Exploit-DB]
- Struts2/XWork < 2.2.0 - Remote Command Execution [Exploit-DB]
- Apache Struts Remote Command Execution [Metasploit]
Impact: Data manipulation
Vulnerable software:
Apache Struts
Server applications /
Frameworks for developing and running applications
Vendor: Apache Foundation
