Public exploit available

Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2014-0113

CWE-26410 documents8 sources

Severity

7.5HIGH

EPSS

82.1%

top 0.79%

CISA KEV

Not in KEV

Exploit

PoC available

Public exploit / PoC exists

Affected products

Apache Struts

Timeline

PublishedApr 29

Latest updateMay 14

Description

CookieInterceptor in Apache Struts before 2.3.20, when a wildcard cookiesName value is used, does not properly restrict access to the getClass method, which allows remote attackers to "manipulate" the ClassLoader and execute arbitrary code via a crafted request. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-0094.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages2 packages

▶NVDapache/struts2.0.0 — 2.3.16.2

▶Mavenorg.apache.struts:struts2-core< 2.3.20

Patches

Patch: cwiki.apache.org ↗Patch: cwiki.apache.org ↗

🔴Vulnerability Details

OSV

ClassLoader manipulation in Apache Struts↗2022-05-14

▶

GHSA

ClassLoader manipulation in Apache Struts↗2022-05-14

▶

GHSA

ClassLoader manipulation in Apache Struts↗2022-05-14

▶

CVEList

CVE-2014-0113: CookieInterceptor in Apache Struts before 2↗2014-04-29

▶

VulnCheck

Apache Struts CookieInterceptor Vulnerability↗2014

▶

💥Exploits & PoCs

Exploit-DB

Apache Struts - ClassLoader Manipulation Remote Code Execution (Metasploit)↗2014-05-02

▶

📋Vendor Advisories

Red Hat

struts2: Struts internals manipulation via cookie request headers↗2014-05-05

▶

Red Hat

struts2: ClassLoader manipulation via cookie request headers↗2014-04-25

▶

💬Community

Bugzilla

CVE-2014-0113 struts2: ClassLoader manipulation via cookie request headers↗2014-04-29

▶