Exploit for CVE-2024-53667_4D1D49A1-E69C-5071-8061-96C8DE4B22AC

9.8 / 10

CRITICAL

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Description

CVE-2024-53677 — How the Exploit Works and How to Run It Vulnerability summary The flaw is in how Struts' FileUploadInterceptor hands off the uploaded filename to the action class. Normally the interceptor sanitizes the filename, but Struts also lets...

Visit Original Source

Basic Information

ID 4D1D49A1-E69C-5071-8061-96C8DE4B22AC

Published May 22, 2026 at 07:20

Modified May 22, 2026 at 08:06

{
    "lastseen": "2026-05-22T08:17:50",
    "description": "CVE-2024-53677 \u2014 How the Exploit Works and How to Run It Vulnerability summary The flaw is in how Struts' FileUploadInterceptor hands off the uploaded filename to the action class. Normally the interceptor sanitizes the filename, but Struts also lets...",
    "published": "2026-05-22T07:20:00",
    "modified": "2026-05-22T08:06:10",
    "type": "githubexploit",
    "title": "Exploit for CVE-2024-53667",
    "source": "",
    "references": "",
    "id": "4D1D49A1-E69C-5071-8061-96C8DE4B22AC",
    "bulletinFamily": "exploit",
    "cwe": null,
    "cvelist": [
        "CVE-2024-53667",
        "CVE-2024-53677"
    ],
    "sourceData": "",
    "sourceHref": "",
    "cvss": {
        "score": 9.8,
        "severity": "CRITICAL",
        "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "https://github.com/baburkin/struts-uploader-vulnerability",
    "category_name": "Exploit",
    "post_link": "",
    "product": "",
    "version": "",
    "vendor": "",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}

Description

Basic Information

💭 Join the Security Discussion ❌ Cancel Reply