mirror of
https://github.com/0xMarcio/cve.git
synced 2026-05-11 20:52:49 +02:00
0xMarcio
47 lines
2.1 KiB
Markdown
47 lines
2.1 KiB
Markdown
### [CVE-2017-12611](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12611)
|
|
|
|
|
|
|
|
|
|
### Description
|
|
|
|
In Apache Struts 2.0.0 through 2.3.33 and 2.5 through 2.5.10.1, using an unintentional expression in a Freemarker tag instead of string literals can lead to a RCE attack.
|
|
|
|
### POC
|
|
|
|
#### Reference
|
|
No PoCs from references.
|
|
|
|
#### Github
|
|
- https://github.com/0day666/Vulnerability-verification
|
|
- https://github.com/20142995/Goby
|
|
- https://github.com/20142995/nuclei-templates
|
|
- https://github.com/20142995/pocsuite3
|
|
- https://github.com/20142995/sectool
|
|
- https://github.com/3llio0T/Active-
|
|
- https://github.com/ARPSyndicate/cvemon
|
|
- https://github.com/ARPSyndicate/kenzer-templates
|
|
- https://github.com/Elsfa7-110/kenzer-templates
|
|
- https://github.com/HimmelAward/Goby_POC
|
|
- https://github.com/IkerSaint/VULNAPP-vulnerable-app
|
|
- https://github.com/Jean-Francois-C/Boot2root-CTFs-Writeups
|
|
- https://github.com/SexyBeast233/SecBooks
|
|
- https://github.com/TesterCC/exp_poc_library
|
|
- https://github.com/Z0fhack/Goby_POC
|
|
- https://github.com/Zero094/Vulnerability-verification
|
|
- https://github.com/albinowax/ActiveScanPlusPlus
|
|
- https://github.com/brianwrf/S2-053-CVE-2017-12611
|
|
- https://github.com/ice0bear14h/struts2scan
|
|
- https://github.com/khansiddique/VulnHub-Boot2root-CTFs-Writeups
|
|
- https://github.com/khodges42/Etrata
|
|
- https://github.com/linchong-cmd/BugLists
|
|
- https://github.com/lnick2023/nicenice
|
|
- https://github.com/pctF/vulnerable-app
|
|
- https://github.com/qazbnm456/awesome-cve-poc
|
|
- https://github.com/superlink996/chunqiuyunjingbachang
|
|
- https://github.com/tdcoming/Vulnerability-engine
|
|
- https://github.com/whoadmin/pocs
|
|
- https://github.com/woods-sega/woodswiki
|
|
- https://github.com/xbl3/awesome-cve-poc_qazbnm456
|
|
|