Forced Object-Graph Navigation Language (OGNL) evaluation in Apache Struts, when evaluated on raw user input in tag attributes, can lead to remote code execution.
PoC: CVE-2020-17530
S2-061 的payload,以及对应简单的PoC/Exp
PoC: CVE-2020-17530
S2-061 CVE-2020-17530
PoC: CVE-2020-17530-strust2-061
CVE-2020-17530-strust2-061
PoC: CVE-2020-17530
Apache Struts2框架是一个用于开发Java EE网络应用程序的Web框架。Apache Struts于2020年12月08日披露 S2-061 Struts 远程代码执行漏洞(CVE-2020-17530),在使用某些tag等情况下可能存在OGNL表达式注入漏洞,从而造成远程代码执行,风险极大。提醒我校Apache Struts用户尽快采取安全措施阻止漏洞攻击。
PoC: CVE-2020-17530
WHS 3기 장대혁 취약한(CVE) Docker 환경 구성 과제입니다.
PoC: CVE-2020-17530
Vulnerable environment of CVE-2020-17530 (S2-061) for testing
PoC: CVE-2020-17530
Struts2 S2-061 远程命令执行漏洞(CVE-2020-17530)
PoC: freemarker_RCE_struts2_s2-061
(cve-2020-17530) struts2_s2-061 freemarker_RCE testscript
Get alerted for CVEs like this
Register your stack and get notified within minutes when a matching CVE drops.
Start monitoring free