VDB

CNVD-2017-02474

CNVD-2017-02474 PUBLISHED CVSS 9.800000190734863 CRITICAL

Apache Struts是一款用于创建企业级Java Web应用的开源框架。 Apache Struts2存在S2-045远程代码执行漏洞。远程攻击者利用该漏洞可直接取得网站服务器控制权。

Risk Scores

CVSS 3.1
9.800000190734863
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected Products

VendorProductVersions
Apache Software FoundationApache Struts2.3.x before 2.3.32, *

Timeline

  • May 3, 2016 CVE Published
  • Mar 7, 2017 PoC Published
  • Mar 15, 2017 PoC Published
  • Apr 6, 2017 PoC Published
  • May 7, 2018 PoC Published
  • May 29, 2018 PoC Published
  • Dec 16, 2019 PoC Published
  • Oct 2, 2020 PoC Published
  • Oct 9, 2020 PoC Published
  • Oct 9, 2020 PoC Published
  • Oct 9, 2020 PoC Published
  • Oct 9, 2020 PoC Published
Open in Interactive Console →
$ Console Community · 100/wk Open console ›