CVE-2023-50164 exploit PoC
by LkStr - Saturday December 16, 2023 at 05:27 AM
#1
CVE-2023-50164, reported by Steven Seeley of Source Incite, enables path traversal by manipulating of file upload parameters and, in some cases, may allow attackers to upload malicious files that can be used to achieve remote code execution.

The vulnerability affects Apache Struts versions:

2.0.0 through 2.5.32
6.0.0 through 6.3.0.1
2.0.0 through 2.3.37

This vulnerability is easy to exploit.

https://nvd.nist.gov/vuln/detail/CVE-2023-50164 Base Score: 9.8!

Check here: https://www.trendmicro.com/en_us/researc...pload.html

and here: https://www.akamai.com/blog/security-res...n-attempts

PoC: https://github.com/jakabakos/CVE-2023-50...Struts-RCE
Reply


Possibly Related Threads…
Thread Author Replies Views Last Post
  [WordPress SMTP Plugin] CVE-2023-6875 + PoC who 7 1,413 02-29-2024, 09:47 PM
Last Post: koala222
  POC + Exploit CVE-2023-23397 Farfallaiero 9 2,902 02-23-2024, 06:20 PM
Last Post: JacquesPhil12
  Wordpress Elementor 3.11.6 Exploit - Full Takeover TheGoodlife 26 8,854 02-19-2024, 07:18 PM
Last Post: therainnevercame
  Exploit - Microsoft Exchange Server Arsenic009 9 3,338 02-14-2024, 10:38 PM
Last Post: Bendelladj1
  CVE-2023-6546 KASLR Bypass ricky_bobby 0 473 02-09-2024, 03:13 AM
Last Post: ricky_bobby



 Users browsing this thread: 1 Guest(s)