← back
CVE-2012-1592

CVE-2012-1592

EPSS 28.5%
A local code execution issue exists in Apache Struts2 when processing malformed XSLT files, which could let a malicious user upload and execute arbitrary files.
Affected products
libstruts1.2-java · libstruts1.2-java
public PoCs found1
exploitdbwww.exploit-db.com/exploits/37009unverified
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://access.redhat.com/security/cve/cve-2012-1592https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-1592https://lists.apache.org/thread.html/r348ed455a140273c40b974f0615dee692f7c9b26c6de2118b4280ef2%40%3Cissues.struts.apache.org%3Ehttps://lists.apache.org/thread.html/r593ebb2f4c95b064e6901fd273eff256c493db952bdb484395948ffc%40%3Cissues.struts.apache.org%3Ehttps://lists.apache.org/thread.html/r93c4e3f6cb138cd117c739714f07e47af547183ba099ba46be2b2a5b%40%3Cissues.struts.apache.org%3Ehttps://security-tracker.debian.org/tracker/CVE-2012-1592http://www.openwall.com/lists/oss-security/2012/03/28/12