CVE-2011-3923
CVE-2011-3923
Apache Struts before 2.3.1.2 allows remote attackers to bypass security protections in the ParameterInterceptor class and execute arbitrary commands.
Affected products
Apache · Strutspublic PoCs found — 2
cve_referencewww.exploit-db.com/exploits/24874unverifiedexploitdbwww.exploit-db.com/exploits/24874unverified⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.
Want to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2011-3923http://seclists.org/fulldisclosure/2014/Jul/38https://exchange.xforce.ibmcloud.com/vulnerabilities/72585https://security-tracker.debian.org/tracker/CVE-2011-3923http://www.exploit-db.com/exploits/24874http://www.securityfocus.com/bid/51628http://www.securitytracker.com/id?1026575