Entreprise d'experts en Sécurité Informatique : Audits et conseils en cybersécurité
Entreprise française de cybersécurité depuis 2004
☎ 03 60 47 09 81 - info@securiteinfo.com


CVE-2018-11776

Description

Apache Struts versions 2.3 to 2.3.34 and 2.5 to 2.5.16 suffer from possible Remote Code Execution when alwaysSelectFullNamespace is true (either by user or a plugin like Convention Plugin) and then: results are used with no namespace and in same time, its upper package have no or wildcard namespace and similar to results, same possibility when using url tag which doesn't have value and action set and in same time, its upper package have no or wildcard namespace.

POC

Reference

- http://packetstormsecurity.com/files/172830/Apache-Struts-Remote-Code-Execution.html

- http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html

- https://cwiki.apache.org/confluence/display/WW/S2-057

- https://github.com/hook-s3c/CVE-2018-11776-Python-PoC

- https://www.exploit-db.com/exploits/45260/

- https://www.exploit-db.com/exploits/45262/

- https://www.exploit-db.com/exploits/45367/

- https://www.oracle.com/security-alerts/cpujul2020.html

- https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html

Github

- https://github.com/0day666/Vulnerability-verification

- https://github.com/0x0d3ad/Kn0ck

- https://github.com/0xT11/CVE-POC

- https://github.com/0xh4di/PayloadsAllTheThings

- https://github.com/1o24er/RedTeam

- https://github.com/20142995/Goby

- https://github.com/20142995/nuclei-templates

- https://github.com/20142995/pocsuite3

- https://github.com/20142995/sectool

- https://github.com/3llio0T/Active-

- https://github.com/3vikram/Application-Vulnerabilities-Payloads

- https://github.com/649/Apache-Struts-Shodan-Exploit

- https://github.com/84KaliPleXon3/Payloads_All_The_Things

- https://github.com/ARPSyndicate/cve-scores

- https://github.com/ARPSyndicate/cvemon

- https://github.com/ARPSyndicate/kenzer-templates

- https://github.com/Aisle-Dev-Enterprise/securitylab

- https://github.com/Al1ex/Red-Team

- https://github.com/Apri1y/Red-Team-links

- https://github.com/ArunBhandarii/Apache-Struts-0Day-Exploit

- https://github.com/BitTheByte/Domainker

- https://github.com/BitTheByte/Eagle

- https://github.com/CTF-Archives/Puff-Pastry

- https://github.com/CVEDB/PoC-List

- https://github.com/CVEDB/awesome-cve-repo

- https://github.com/CVEDB/top

- https://github.com/Chiku014/vulnerability-scanner

- https://github.com/CrackerCat/myhktools

- https://github.com/Cyb3rhq/securitylab

- https://github.com/CybVulnHunter/nmap-guidelines

- https://github.com/Delishsploits/PayloadsAndMethodology

- https://github.com/Echocipher/Resource-list

- https://github.com/Ekultek/Strutter

- https://github.com/Elsfa7-110/kenzer-templates

- https://github.com/Elymaro/Struty

- https://github.com/Firebasky/CodeqlLearn

- https://github.com/Fnzer0/S2-057-poc

- https://github.com/Ghebriou/platform_pfe

- https://github.com/GhostTroops/TOP

- https://github.com/GhostTroops/myhktools

- https://github.com/GuynnR/Payloads

- https://github.com/HimmelAward/Goby_POC

- https://github.com/HxDDD/CVE-PoC

- https://github.com/IkerSaint/VULNAPP-vulnerable-app

- https://github.com/Ivan1ee/struts2-057-exp

- https://github.com/J1ezds/Vulnerability-Wiki-page

- https://github.com/JERRY123S/all-poc

- https://github.com/Joe-zsc/April-AE

- https://github.com/KeerthiYasasvi/Honeypot-Data-Analysis-using-T-pot

- https://github.com/LightC0der/Apache-Struts-0Day-Exploit

- https://github.com/Maarckz/PayloadParaTudo

- https://github.com/Muhammd/Awesome-Payloads

- https://github.com/NAYLINNU/PayloadAllTheThings

- https://github.com/Nieuport/PayloadsAllTheThings

- https://github.com/NyxAzrael/Goby_POC

- https://github.com/Ondrik8/RED-Team

- https://github.com/Ostorlab/KEV

- https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors

- https://github.com/OzNetNerd/apche-struts-vuln-demo-cve-2018-11776

- https://github.com/PEAKWEI/WsylibBookRS

- https://github.com/Pav-ksd-pl/PayloadsAllTheThings

- https://github.com/Prodject/Kn0ck

- https://github.com/PuddinCat/GithubRepoSpider

- https://github.com/Ra7mo0on/PayloadsAllTheThings

- https://github.com/SexyBeast233/SecBooks

- https://github.com/Soundaryakambhampati/test-6

- https://github.com/SourceryAI/Deep-Security-Reports

- https://github.com/Steven1ay/S2-057

- https://github.com/SummerSec/learning-codeql

- https://github.com/Threekiii/Awesome-POC

- https://github.com/Threekiii/Vulhub-Reproduce

- https://github.com/XPR1M3/Payloads_All_The_Things

- https://github.com/XiaomingX/awesome-poc-for-red-team

- https://github.com/Z0fhack/Goby_POC

- https://github.com/Zero094/Vulnerability-verification

- https://github.com/albinowax/ActiveScanPlusPlus

- https://github.com/alex14324/Eagel

- https://github.com/alex14324/mitaka

- https://github.com/alphaSeclab/sec-daily-2019

- https://github.com/andrysec/PayloadsAllVulnerability

- https://github.com/anhtu97/PayloadAllEverything

- https://github.com/anquanscan/sec-tools

- https://github.com/apkadmin/PayLoadsAll

- https://github.com/arlyone/Apache-Struts-0Day-Exploit

- https://github.com/ax1sX/Automation-in-Java-Security

- https://github.com/ax1sX/Codeql-In-Java-Security

- https://github.com/bakery312/Vulhub-Reproduce

- https://github.com/bhdresh/CVE-2018-11776

- https://github.com/brianwrf/S2-057-CVE-2018-11776

- https://github.com/bright-angel/sec-repos

- https://github.com/brunsu/woodswiki

- https://github.com/byteofandri/CVE-2021-26084

- https://github.com/byteofjoshua/CVE-2021-26084

- https://github.com/chanchalpatra/payload

- https://github.com/cucadili/CVE-2018-11776

- https://github.com/cved-sources/cve-2018-11776

- https://github.com/cyberanand1337x/apache-exploit-old

- https://github.com/cyberanand1337x/bug-bounty-2022

- https://github.com/djschleen/ash

- https://github.com/dk47os3r/hongduiziliao

- https://github.com/do0dl3/myhktools

- https://github.com/eescanilla/Apache-Struts-v3

- https://github.com/falocab/PayloadsAllTheThings

- https://github.com/foreseeti/securicad-enterprise-sdk

- https://github.com/foreseeti/securicad-vanguard-sdk

- https://github.com/freshdemo/ApacheStruts-CVE-2018-11776

- https://github.com/geeknik/my-awesome-stars

- https://github.com/gh0st27/Struts2Scanner

- https://github.com/github/securitylab

- https://github.com/habybobica12/apache

- https://github.com/hasee2018/Safety-net-information

- https://github.com/hellochunqiu/PayloadsAllTheThings

- https://github.com/hktalent/TOP

- https://github.com/hktalent/myhktools

- https://github.com/hook-s3c/CVE-2018-11776-Python-PoC

- https://github.com/hudunkey/Red-Team-links

- https://github.com/hwiwonl/dayone

- https://github.com/hy30nq/WHS_Struts2-S2-059-

- https://github.com/hyeonql/WHS

- https://github.com/hyeonql/WHS_Struts2-S2-059-

- https://github.com/ice0bear14h/struts2scan

- https://github.com/iflody/codeql-workshop

- https://github.com/iqrok/myhktools

- https://github.com/jamoski3112/strut

- https://github.com/jas502n/St2-057

- https://github.com/jbmihoub/all-poc

- https://github.com/jiguangsdf/CVE-2018-11776

- https://github.com/john-80/-007

- https://github.com/khodges42/Etrata

- https://github.com/khulnasoft-lab/SecurityLab

- https://github.com/khulnasoft-lab/vulnmap-ls

- https://github.com/khulnasoft/khulnasoft-ls

- https://github.com/knqyf263/CVE-2018-11776

- https://github.com/koutto/jok3r-pocs

- https://github.com/ksw9722/PayloadsAllTheThings

- https://github.com/landscape2024/RedTeam

- https://github.com/likekabin/Apache-Struts-v3

- https://github.com/likescam/Apache-Struts-v3

- https://github.com/lnick2023/nicenice

- https://github.com/lp008/Hack-readme

- https://github.com/m4sk0ff/CVE-2018-11776

- https://github.com/mazen160/struts-pwn_CVE-2018-11776

- https://github.com/mrhacker51/ReverseShellCommands

- https://github.com/murataydemir/CVE-2022-26134

- https://github.com/nevidimk0/PayloadsAllTheThings

- https://github.com/ninoseki/mitaka

- https://github.com/nobiusmallyu/kehai

- https://github.com/nullx3d/PaypScan

- https://github.com/oneplus-x/Sn1per

- https://github.com/oneplus-x/jok3r

- https://github.com/orangmuda/CVE-2021-26084

- https://github.com/ozkanbilge/Apache-Struts

- https://github.com/pctF/vulnerable-app

- https://github.com/plzheheplztrying/cve_monitor

- https://github.com/pudding2/struts2-057-exp

- https://github.com/qazbnm456/awesome-cve-poc

- https://github.com/rahulr311295/strut

- https://github.com/ranjan-prp/PayloadsAllTheThings

- https://github.com/raoufmaklouf/cve5scan

- https://github.com/ravijainpro/payloads_xss

- https://github.com/reanimat0r/2018-11776playground

- https://github.com/s1kr10s/Apache-Struts-v4

- https://github.com/safe6Sec/CodeqlNote

- https://github.com/sanyaade-teachings/securicad-enterprise-sdk

- https://github.com/sanyaade-teachings/securicad-vanguard-sdk

- https://github.com/savenas/InfoSec

- https://github.com/shhimnothere/payloadsallthethings

- https://github.com/shunyeka/DSSC-Vulnerabilities-report

- https://github.com/slimdaddy/RedTeam

- https://github.com/snyk/snyk-ls

- https://github.com/sobinge/--1

- https://github.com/sobinge/PayloadsAllTheThings

- https://github.com/sobinge/PayloadsAllThesobinge

- https://github.com/sonpt-afk/CVE-2018-11776-FIS

- https://github.com/sourcery-ai-bot/Deep-Security-Reports

- https://github.com/svbjdbk123/-

- https://github.com/swapravo/cvesploit

- https://github.com/tdcoming/Vulnerability-engine

- https://github.com/techgyu/WHS

- https://github.com/touchmycrazyredhat/myhktools

- https://github.com/trbpnd/2018-11776playground

- https://github.com/trbpnd/CVE-2018-11776

- https://github.com/trhacknon/myhktools

- https://github.com/tsheth/Cloud-One-Container-Image-Security-Demo

- https://github.com/tsheth/DSSC-Vulnerability-report

- https://github.com/tuxotron/cve-2018-11776-docker

- https://github.com/twensoo/PersistentThreat

- https://github.com/unusualwork/Sn1per

- https://github.com/we1h0/awesome-java-security-checklist

- https://github.com/weeka10/-hktalent-TOP

- https://github.com/wemindful/WsylibBookRS

- https://github.com/whoadmin/pocs

- https://github.com/winterwolf32/PayloadsAllTheThings

- https://github.com/woods-sega/woodswiki

- https://github.com/xbl3/awesome-cve-poc_qazbnm456

- https://github.com/xfox64x/CVE-2018-11776

- https://github.com/xiaoZ-hc/redtool

- https://github.com/yann-berthaux/struts57

- https://github.com/ynsmroztas/Apache-Struts-V4

- https://github.com/yut0u/RedTeam-BlackBox