Goby/json/Apache-Struts-CVE-2017-1261...

{
"Name": "Apache Struts CVE-2017-12611 Remote Code Execution Vulnerability",
"Description": "In Apache Struts 2.0.0 through 2.3.33 and 2.5 through 2.5.10.1, using an unintentional expression in a Freemarker tag instead of string literals can lead to an RCE attack.",
"Product": "Struts2",
"Homepage": "http://struts.apache.org/",
"DisclosureDate": "2017-09-20",
"Author": "gobysec@gmail.com",
"FofaQuery": "app=\"Struts2\"",
"GobyQuery": "app=\"Struts2\"",
"Level": "3",
"Impact": "This issue may lead to remote code execution.",
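"Recommendation": "Upgrade Apache Struts to a release outside the affected ranges given in the description (see the S2-053 advisory listed in References), and use string literals rather than expressions in Freemarker tags.",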
"References": [
"http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-003.txt",
"http://www.oracle.com/technetwork/security-advisory/alert-cve-2017-9805-3889403.html",
"http://www.securityfocus.com/bid/100829",
"https://kb.netapp.com/support/s/article/ka51A000000CgttQAC/NTAP-20170911-0001",
"https://struts.apache.org/docs/s2-053.html",
"https://nvd.nist.gov/vuln/detail/CVE-2017-12611",
"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-12611"
],
"HasExp": true,
"ExpParams": [
{
"Name": "AttackType",
"Type": "select",
"Value": "goby_shell_linux,cmd"
},
{
"Name": "cmd",
"Type": "input",
"show": "AttackType=cmd",
"Value": "ls"
}
],
"ExpTips": {
"Type": "",
"Content": ""
},
"ScanSteps": null,
"ExploitSteps": null,
"Tags": [
"rce"
],
"CVEIDs": [
"CVE-2017-12611"
],
"CVSSScore": "9.8",
"AttackSurfaces": {
"Application": null,
"Support": ["Struts2"],
"Service": null,
"System": null,
"Hardware": null
},
"Disable": false
}