Strutting your stuff – Unauthenticated Remote Code Execution

Carrie Roberts // Unauthenticated Remote Code Execution? A hacker’s best friend. And that is what we have with CVE-2017-5638 Apache Struts with working exploit code here: Save the exploit code to a file and execute with Python passing two command line arguments. The first command line argument is the URL to execute the attack […]

Read the entire post here