
CVE-2024-53677 PoC — Apache Struts: Mixing setters for uploaded files and normal fields can allow bypass file upload checks

Associated Vulnerability
Title: Apache Struts: Mixing setters for uploaded files and normal fields can allow bypass file upload checks (CVE-2024-53677)
Description: File upload logic in Apache Struts is flawed. An attacker can manipulate file upload params to enable path traversal, and under some circumstances this can lead to uploading a malicious file which can be used to perform Remote Code Execution. This issue affects Apache Struts: from 2.0.0 before 6.4.0. Users are recommended to upgrade to version 6.4.0 at least and migrate to the new file upload mechanism: https://struts.apache.org/core-developers/file-upload . If you are not using the old file upload logic based on FileUploadInterceptor, your application is safe. You can find more details in https://cwiki.apache.org/confluence/display/WW/S2-067
Description
A critical vulnerability, CVE-2024-53677, has been identified in the popular Apache Struts framework, potentially allowing attackers to execute arbitrary code remotely. This vulnerability arises from flaws in the file upload logic, which can be exploited to perform path traversal and malicious file uploads.
Readme
🚨🚨 CVE-2024-53677-S2-067🚨🚨


Security Advisory: CVE-2024-53677 – Critical Apache Struts Remote Code Execution Vulnerability

Advisory Date: December 14, 2024

CVE ID: CVE-2024-53677

CVSS Score: 9.5 (Critical)

Overview

A critical vulnerability, CVE-2024-53677, has been identified in the popular Apache Struts framework, potentially allowing attackers to execute arbitrary code remotely. This vulnerability arises from flaws in the file upload logic, which can be exploited to perform path traversal and malicious file uploads.

The vulnerability impacts specific versions of Apache Struts and requires immediate attention from developers and administrators to mitigate the risk of exploitation.

Vulnerable Versions

The following versions of Apache Struts are affected:
2.0.0 to 2.5.33
6.0.0 to 6.3.0.2
The issue has been resolved in Apache Struts 6.4.0 and later versions.

Description

CVE-2024-53677 is a critical vulnerability that allows attackers to exploit weaknesses in the file upload mechanism of Apache Struts. By manipulating the file upload parameters, an attacker can achieve the following:
Path Traversal: Upload files to arbitrary locations within the server, bypassing security mechanisms.
Remote Code Execution (RCE): Execute malicious code by uploading and triggering executable files, such as .jsp scripts or binary payloads.
According to the Apache Struts advisory, the fix is not backward-compatible with the older file upload mechanism. As such, organizations using the deprecated file upload method must rewrite their actions to adopt the new, secure mechanism introduced in version 6.4.0.

Mitigation
1. Upgrade to Apache Struts 6.4.0 or Later
The Apache Struts team has resolved the vulnerability in version 6.4.0.
Migrate to the new Action File Upload Mechanism to ensure security. Note that this migration requires code refactoring due to non-backward compatibility.
Reference: S2-067, https://cwiki.apache.org/confluence/display/WW/S2-067
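
The two mitigation steps above can be turned into a triage check over a dependency inventory. The following is an added example, not code from this repository or from the Apache Struts project: it classifies `struts2-core` jar names against the affected range stated on this page and flags fixed releases whose `struts.xml` still explicitly references the legacy `fileUpload` interceptor. The jar names and the XML fragment are constructed sample input, and the status labels are hypothetical.

```python
import re

# Version bounds taken from the advisory text: affected from 2.0.0 up to,
# but not including, the fixed release 6.4.0.
FIRST_AFFECTED = (2, 0, 0, 0)
FIRST_FIXED = (6, 4, 0, 0)

JAR_RE = re.compile(r"struts2-core-(\d+(?:\.\d+)*)(?:-[\w.]+)?\.jar$")
# Explicit reference to the legacy interceptor, registered as "fileUpload".
# Stacks inherited from struts-default.xml are not inspected here.
LEGACY_REF_RE = re.compile(r"<interceptor-ref\s+name=[\"']fileUpload[\"']")


def parse_version(jar_name):
    """Return a 4-part version tuple from a struts2-core jar name, or None."""
    m = JAR_RE.search(jar_name)
    if not m:
        return None
    parts = [int(p) for p in m.group(1).split(".")]
    return tuple((parts + [0, 0, 0, 0])[:4])


def classify(jar_name, struts_xml=""):
    """Map one jar (plus optional struts.xml text) to a remediation status."""
    version = parse_version(jar_name)
    if version is None:
        return "unknown"                # not a struts2-core jar, or odd naming
    if FIRST_AFFECTED <= version < FIRST_FIXED:
        return "upgrade"                # inside the affected range
    if version >= FIRST_FIXED and LEGACY_REF_RE.search(struts_xml):
        return "migrate"                # fixed release, legacy upload still wired
    return "ok" if version >= FIRST_FIXED else "unknown"


# Constructed sample inventory, e.g. file names collected from WEB-INF/lib.
SAMPLE_JARS = ["struts2-core-2.5.33.jar", "struts2-core-6.3.0.2.jar",
               "struts2-core-6.4.0.jar", "commons-io-2.15.1.jar"]
# Constructed struts.xml fragment that still references the legacy interceptor.
SAMPLE_XML = '<action name="upload"><interceptor-ref name="fileUpload"/></action>'

if __name__ == "__main__":
    for jar in SAMPLE_JARS:
        print(f"{jar:32} {classify(jar, SAMPLE_XML)}")
```

An `ok` result only means the jar is a fixed release with no explicit legacy reference in the text supplied; shaded or renamed jars and inherited interceptor stacks need a separate review.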
File Snapshot

[4.0K] /data/pocs/6c5dc5888e075ae0edbb090722552b04a8aae69b
├── [5.4K] Check-CVE-2024-53677.py
├── [1.9K] README.md
├── [ 385] requirements.txt
└── [3.1K] S2-067-POC.py

0 directories, 4 files