PoC details: 0e12d5bab842d02a90d153d2c987dfc27b48dcce

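Source
Related vulnerability
Title: Apache Struts security vulnerability (CVE-2024-53677)
Description: Apache Struts is an open-source project of the Apache Software Foundation (USA). It is an open-source MVC framework for building enterprise Java web applications and is offered in two main versions, Struts 1 and Struts 2. Apache Struts versions from 2.0.0 up to, but not including, 6.4.0 contain a security vulnerability caused by a flaw in the file upload logic.
Description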
s2-067(CVE-2024-53677)
Introduction
# s2-067-CVE-2024-53677
s2-067(CVE-2024-53677)
Summary
The file upload logic is flawed and allows an attacker to enable paths with traversals. This is a similar problem to the one reported in S2-066.
Who should read this

All Struts 2 developers and users

Impact of vulnerability

Remote Code Execution

Maximum security rating

Critical

Recommendation

Upgrade to Struts 6.4.0 or greater and use Action File Upload Interceptor

Affected Software

Struts 2.0.0 - Struts 2.3.37 (EOL), Struts 2.5.0 - Struts 2.5.33, Struts 6.0.0 - Struts 6.3.0.2

Reporters

Shinsaku Nomura

CVE Identifier

CVE-2024-53677

Problem
An attacker can manipulate file upload params to enable path traversal, and under some circumstances this can lead to uploading a malicious file which can be used to perform Remote Code Execution.

Note: applications not using FileUploadInterceptor are safe.

Solution
Upgrade to Struts 6.4.0 or greater and migrate to the new file upload mechanism.

Backward compatibility
This change isn't backward compatible, as you must rewrite your actions to start using the new Action File Upload mechanism and related interceptor. Continuing to use the old File Upload mechanism keeps you vulnerable to this attack.

Workaround

CVE-2024-53677 Detail
Received
This vulnerability has been received by the NVD and has not been analyzed.

Description
Flawed file upload logic vulnerability in Apache Struts. This issue affects Apache Struts: from 2.0.0 before 6.4.0. Users are recommended to upgrade to version 6.4.0, which fixes the issue. You can find more details in https://cwiki.apache.org/confluence/display/WW/S2-067







File snapshot
 [4.0K]  /data/pocs/0e12d5bab842d02a90d153d2c987dfc27b48dcce
├── [1.6K]  README.md
└── [  73]  s2-067-poc.py

0 directories, 2 files