Main Vulnerability Database Exploits ID:9864 - Exploit for Permissions, Privileges, and Access Controls in Apache Struts - CVE-2011-5057

ID:9864 - Exploit for Permissions, Privileges, and Access Controls in Apache Struts - CVE-2011-5057

Published: May 31, 2024

Vulnerability identifier: #VU90112

Vulnerability risk: Medium

CVE-ID: CVE-2011-5057

CWE-ID: CWE-264

Exploitation vector: Remote access

Vulnerable software:
Apache Struts

Link to public exploit:

https://www.exploit-db.com/exploits/36426/

Vulnerability description

The vulnerability allows a remote attacker to escalate privileges on the system.

The vulnerability exists due to Apache Struts provides interfaces that do not properly restrict access to collections such as the session and request collections. A remote attacker can modify run-time data values via a crafted parameter to an application that implements an affected interface.

Remediation

Install updates from vendor's website.

ID:9864 - Exploit for Permissions, Privileges, and Access Controls in Apache Struts - CVE-2011-5057

Link to public exploit:

Vulnerability description

Remediation

Please verify you're human