Apache Struts REST Plugin uses an XStreamHandler with an instance of XStream for deserialization without any type filtering, which can lead to remote code execution when deserializing XML payloads.
PoC: struts-pwn_CVE-2017-9805
An exploit for Apache Struts CVE-2017-9805
PoC: struts-rce-cve-2017-9805
CVE 2017-9805
PoC: cve-2017-9805.py
Better Exploit Code For CVE 2017 9805 apache struts
PoC: -CVE-2017-9805
Exploit script for Apache Struts2 REST Plugin XStream RCE (CVE-2017-9805)
PoC: apache-struts-pwn_CVE-2017-9805
An exploit for Apache Struts CVE-2017-9805
PoC: struts2-rce-cve-2017-9805-ruby
cve -2017-9805
PoC: CVE-2017-9805-Exploit
CVE-2017-9805-Exploit
PoC: struts_rest_rce_fuzz-CVE-2017-9805-
Simple python script to fuzz site for CVE-2017-9805
PoC: S2-052
CVE-2017-9805 - Exploit
PoC: struts-s2-052-deserialization-rce-lab
Proof-of-Concept exploit for Apache Struts S2-052 (CVE-2017-9805) XML Deserialization Remote Code Execution. Created while solving the INE eWPTX Practice Range lab. Includes custom payloads, reverse shell exploit script, and step-by-step exploitation examples.
PoC: CVE-2017-9805-S2-052
CVE-2017-9805 S2-052 PoC
PoC: CVE-2017-9805
CVE-2017-9805: Apache Struts 2 S2-052 RCE Exploit - PoC for Harvard University (OTD)
PoC: CVE-2017-9805_example_build
Example web application that run on struts2 REST plugin 2.5.8, for demonstration purpose only
PoC: CVE-2017-9805
CVE-2017-9805 POC
PoC: CVE-2017-9805
struts2-rest-showcase 2.5.10
PoC: -CVE-2017-9805-
Exploit script for Apache Struts2 REST Plugin XStream RCE (CVE-2017-9805)
PoC: CVE-2017-9805-Exploit
Struts 2.5 - 2.5.12 REST Plugin XStream RCE
PoC: CVE-2017-9805-Apache-Struts-Fuzz-N-Sploit
A script to Fuzz and and exploit Apache struts CVE-2017-9805
Get alerted for CVEs like this
Register your stack and get notified within minutes when a matching CVE drops.
Start monitoring free