CVE-2013-2115

Published: 10/07/2013 Updated: 24/09/2020
CVSS v2 Base Score: 9.3 | Impact Score: 10 | Exploitability Score: 8.6
CVSS v3 Base Score: 8.1 | Impact Score: 5.9 | Exploitability Score: 2.2
VMScore: 975
Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

Vulnerability Summary

Apache Struts 2 prior to 2.3.14.2 allows remote malicious users to execute arbitrary OGNL code via a crafted request that is not properly handled when using the includeParams attribute in the (1) URL or (2) A tag. NOTE: this issue is due to an incomplete fix for CVE-2013-1966.

Vendor Advisories

Apache Struts 2 before 2.3.14.2 allows remote attackers to execute arbitrary OGNL code via a crafted request that is not properly handled when using the includeParams attribute in the (1) URL or (2) A tag. NOTE: this issue is due to an incomplete fix for CVE-2013-1966 ...

Exploits

##
# This file is part of the Metasploit Framework and may be subject to
# redistribution and commercial restrictions. Please see the Metasploit
# web site for more information on licensing and terms of use.
# metasploit.com/
##

require 'msf/core'

class Metasploit3 < Msf::Exploit::Remote
  Rank = GreatRanking

  include Msf::Exploit:: ...

Metasploit Modules

Apache Struts includeParams Remote Code Execution

This module exploits a remote command execution vulnerability in Apache Struts versions < 2.3.14.2. A specifically crafted request parameter can be used to inject arbitrary OGNL code into the stack bypassing Struts and OGNL library protections. When targeting an action which requires interaction through GET, the payload should be split, taking into account the URI limits. In this case, if the rendered JSP has more than one point of injection, it could result in payload corruption. This should happen only when the payload is larger than the URI length.

msf > use exploit/multi/http/struts_include_params
msf exploit(struts_include_params) > show targets
    ...targets...
msf exploit(struts_include_params) > set TARGET <target-id>
msf exploit(struts_include_params) > show options
    ...show and set options...
msf exploit(struts_include_params) > exploit

Github Repositories

Generates Deep Security CSV reports

Setup Instructions

Download & install the Deep Security SDK
Create Deep Security API keys
Set the API key as a DS_KEY environment variable

Usage Instructions

Help Menu

$ python3 reporter.py -h
usage: reporter.py [-h] [--report-filename REPORT_FILENAME] [--summary-filename SUMMARY_FILENAME] [--app-names [APP_NAMES [APP_NAMES