Skip to content

0xdeviner/CVE-2024-53677

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

2 Commits
struts-app
struts-app
 
 
Dockerfile
Dockerfile
 
 
README.md
README.md
 
 
context.xml
context.xml
 
 
tomcat-users.xml
tomcat-users.xml
 
 

Repository files navigation

CVE-2024-53677 - Apache Struts 2 Root Cause Analysis Lab Environment

This repository provides a Docker-based environment to reproduce the CVE-2024-53677 vulnerability in Apache Struts 2. This vulnerability involves path traversal through the file upload functionality in Struts 2.

Source

This lab environment is based on my blog post - CVE-2024-53677 - Apache Struts File Upload Vulnerability leading to RCE

Setup Instructions

The environment can be built and run using Docker. Follow these steps to set up the application:

git clone https://github.com/0xdeviner/CVE-2024-53677.git
cd CVE-2024-53677 
docker build -t apache-struts2-cve-2024-53677 .
docker run -p 8080:8080 -itd --name apache-struts2 apache-struts2-cve-2024-53677
curl http://IP:8080/upload

About

No description, website, or topics provided.

Resources

Readme
Activity

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages