WID-SEC-W-2024-1277
PUBLISHED
Oracle Fusion Middleware bundles several products for building, operating, and managing intelligent business applications.
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Oracle Fusion Middleware | | |
| Oracle WebCenter Sites | | |
Exploit Intelligence
- http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html#AppendixFMW (circl)
- https://www.cisa.gov/known-exploited-vulnerabilities-catalog (circl)
- https://wid.cert-bund.de/.well-known/csaf/white/2017/wid-sec-w-2024-1277.json (circl)
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-1277 (circl)
- Kouf320/attacker-lab-cve-2017-5638-cve-2021-41773-paper (github-poc)
- Using Struts2 and PowerShell to recreate CVE-2017-5638 OGNL Injection vulnerability. (github-poc)
- A practical lab demonstrating the exploitation of a critical Remote Code Execution (RCE) vulnerability in Apache Struts2 (CVE-2017-5638) using Vulhub Docker environments. Includes setup instructions and commands to run the vulnerable container. (github-poc)
- ACharaf06/CVE-2017-5638-Attack-and-Defense (github-poc)
- CVE-2017-5638- PoC (github-poc)
- A hands-on simulation of CVE-2017-5638 (Apache Struts2 RCE), showcasing exploit reproduction, OS-level command execution, and mitigations such as input sanitization and endpoint monitoring. Built in Python/Flask with Jupyter notebook demos (github-poc)
…and 92 more exploits
Timeline
- Apr 18, 2017 CVE Published
- Oct 2, 2020 PoC Published
- Nov 6, 2020 PoC Published
- Sep 6, 2021 PoC Published
- Oct 9, 2024 PoC Published
- Nov 11, 2024 CVE Updated
- Dec 12, 2024 PoC Published
- Mar 28, 2025 PoC Published
- Sep 26, 2025 PoC Published
References
- https://wid.cert-bund.de/.well-known/csaf/white/2017/wid-sec-w-2024-1277.json advisory
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-1277 advisory
- http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html#AppendixFMW url
- https://www.cisa.gov/known-exploited-vulnerabilities-catalog url