Main Vulnerability Database Exploits ID:11209 - Exploit for Path traversal in Apache Struts - CVE-2023-50164

ID:11209 - Exploit for Path traversal in Apache Struts - CVE-2023-50164

Published: March 14, 2025

Vulnerability identifier: #VU83960

Vulnerability risk: High

CVE-ID: CVE-2023-50164

CWE-ID: CWE-22

Exploitation vector: Remote access

Vulnerable software:
Apache Struts

Link to public exploit:

https://github.com/heavyyeast/cve-2023-50164-poc

Vulnerability description

The vulnerability allows a remote attacker to compromise the affected system.

The vulnerability exists due to input validation error when processing directory traversal sequences in path names. A remote attacker can upload a malicious file to the server and execute it.

Remediation

Install update from vendor's website.

ID:11209 - Exploit for Path traversal in Apache Struts - CVE-2023-50164

Link to public exploit:

Vulnerability description

Remediation

Please verify you're human