Apache Struts2 文件上传逻辑绕过(CVE-2024-53677)(S2-067) | CTF导航
Tags
attack-pattern: Data Confluence - T1213.001 Software - T1592.002
Show in Graph
Common Information
Type Value
UUID 8ae9ba47-e989-44b2-b6f3-af61b7539146
Fingerprint ae39d3789a4a1452
Analysis status DONE
Considered CTI value -2
Text language
Published Dec. 16, 2024, midnight
Added to db Dec. 17, 2024, 12:37 p.m.
Last updated Dec. 19, 2024, 2:25 a.m.
Headline Apache Struts2 文件上传逻辑绕过(CVE-2024-53677)(S2-067)
Title Apache Struts2 文件上传逻辑绕过(CVE-2024-53677)(S2-067) | CTF导航
Detected Hints/Tags/Attributes 23/1/26
Source URLs
Redirection Url
Details Source https://www.ctfiot.com/218932.html
URL Provider
Details Provider Source level domain
Details ctfiot.com www.ctfiot.com
RSS Feed
Details Id Enabled Feed title Url Added to db
Details 426 CTF导航 https://www.ctfiot.com/feed 2024-08-30 22:08
Attributes
Details Type #Events CTI Value
Details CVE 24 
cve-2024-53677
Details Domain 141 
java.io
Details Domain 35 
www.apache.org
Details Domain 2 
xmlns.jcp.org
Details Domain 161 
www.w3.org
Details Domain 2 
var2.next
Details Domain 2 
developer.aliyun.com
Details Domain 20 
cwiki.apache.org
Details Domain 2 
y4tacker.github.io
Details File 2 
struts.xml
Details File 2 
file.jsp
Details File 1 
files.jsp
Details File 44 
web.xml
Details File 2 
web-app_4_0.xsd
Details File 1 
newparams.key
Details File 94 
1.txt
Details File 37 
2.txt
Details IPv4 16 
6.3.0.2
Details IPv4 1534 
127.0.0.1
Details Url 5 
http://www.apache.org/licenses/license-2.0
Details Url 2 
http://xmlns.jcp.org/xml/ns/javaee
Details Url 52 
http://www.w3.org/2001/xmlschema-instance
Details Url 2 
http://xmlns.jcp.org/xml/ns/javaee/web-app_4_0.xsd
Details Url 1 
https://developer.aliyun.com/article/330800
Details Url 7 
https://cwiki.apache.org/confluence/display/ww/s2-067
Details Url 1 
https://y4tacker.github.io/2023/12/09/year/2023/12/apache-struts2-文件上传分析-s2-066