2016
06.10

Apache Struts REST Plugin With Dynamic Method Invocation Remote Code Execution

Category: exploit / Tags: no tag / Add Comment

This Metasploit module exploits a remote command execution vulnerability in Apache Struts version between 2.3.20 and 2.3.28 (except 2.3.20.2 and 2.3.24.2). Remote Code Execution can be performed when using REST Plugin with ! operator when Dynamic Method Invocation is enabled.

No Comment.

Add Your Comment

Your Comment

You must be logged in to post a comment.