CVEs-PoC/2017/CVE-2017-12611.md
2025-09-29 21:09:30 +02:00

### [CVE-2017-12611](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12611)
![](https://img.shields.io/static/v1?label=Product&message=Apache%20Struts&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=2.0.0%20-%202.3.33%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=2.5%20-%202.5.10.1%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=A%20possible%20Remote%20Code%20Execution%20attack%20when%20using%20an%20unintentional%20expression%20in%20Freemarker%20tag%20instead%20of%20string%20literals&color=brightgreen)
### Description
In Apache Struts 2.0.0 through 2.3.33 and 2.5 through 2.5.10.1, using an unintentional expression in a Freemarker tag instead of string literals can lead to an RCE attack.
### POC
#### Reference
No PoCs from references.
#### Github
- https://github.com/0day666/Vulnerability-verification
- https://github.com/20142995/Goby
- https://github.com/20142995/nuclei-templates
- https://github.com/20142995/pocsuite3
- https://github.com/20142995/sectool
- https://github.com/3llio0T/Active-
- https://github.com/ARPSyndicate/cvemon
- https://github.com/ARPSyndicate/kenzer-templates
- https://github.com/Elsfa7-110/kenzer-templates
- https://github.com/Elymaro/Struty
- https://github.com/HimmelAward/Goby_POC
- https://github.com/IkerSaint/VULNAPP-vulnerable-app
- https://github.com/JFR-C/Boot2root-CTFs-Writeups
- https://github.com/Jean-Francois-C/Boot2root-CTFs-Writeups
- https://github.com/NyxAzrael/Goby_POC
- https://github.com/PuddinCat/GithubRepoSpider
- https://github.com/SexyBeast233/SecBooks
- https://github.com/TesterCC/exp_poc_library
- https://github.com/Z0fhack/Goby_POC
- https://github.com/Zero094/Vulnerability-verification
- https://github.com/albinowax/ActiveScanPlusPlus
- https://github.com/brianwrf/S2-053-CVE-2017-12611
- https://github.com/bright-angel/sec-repos
- https://github.com/brunsu/woodswiki
- https://github.com/ice0bear14h/struts2scan
- https://github.com/khansiddique/VulnHub-Boot2root-CTFs-Writeups
- https://github.com/khodges42/Etrata
- https://github.com/linchong-cmd/BugLists
- https://github.com/lnick2023/nicenice
- https://github.com/pctF/vulnerable-app
- https://github.com/qazbnm456/awesome-cve-poc
- https://github.com/ranhn/Goby-Poc
- https://github.com/superlink996/chunqiuyunjingbachang
- https://github.com/tcetin704/CVE-2017-12611
- https://github.com/tdcoming/Vulnerability-engine
- https://github.com/whoadmin/pocs
- https://github.com/woods-sega/woodswiki
- https://github.com/xbl3/awesome-cve-poc_qazbnm456
- https://github.com/zeynepsilao/CVE-2017-12611_Exploit