Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
osvGoogleOSV:GHSA-HMVJ-GC9Q-MG9P
HistoryMay 04, 2022 - 12:29 a.m.

Apache Struts's DebuggingInterceptor component allows remote code execution in developer mode

2022-05-0400:29:43
Google
osv.dev
12
apache struts
debugginginterceptor
developer mode
remote code execution
security vulnerability

AI Score

9.4

Confidence

High

EPSS

0.938

Percentile

99.1%

JSON

The DebuggingInterceptor component in Apache Struts before 2.3.1.1, when developer mode is used, allows remote attackers to execute arbitrary commands via unspecified vectors. NOTE: the vendor characterizes this behavior as not “a security vulnerability itself.”

Related

nvd 1
exploitdb 2
metasploit 1
prion 1
dsquare 3
nessus 2
nuclei 1
checkpoint_advisories 1
ubuntucve 1
packetstorm 1
zdt 1
f5 1
github 1
cvelist 1
cve 1
canvas 1
openvas 1
ibm 1
vmware 1
nvd
nvd
CVE-2012-0394
2012-01-08 15:55:01
exploitdb
exploitdb
Apache Struts - Developer Mode OGNL Execution (Metasploit)
2014-02-05 00:00:00
Apache Struts 2 < 2.3.1 - Multiple Vulnerabilities
2012-01-06 00:00:00
metasploit
metasploit
Apache Struts 2 Developer Mode OGNL Execution
2014-01-26 00:17:01
prion
prion
Security feature bypass
2012-01-08 15:55:00
dsquare
dsquare
Apache-Struts DebuggingInterceptor < 2.3.1.1 RCE Linux
2012-03-24 00:00:00
Apache-Struts DebuggingInterceptor < 2.3.1.1 RCE Windows
2012-03-24 00:00:00
Apache-Struts ExceptionDelegator < 2.3.1.1 RCE Linux
2012-03-24 00:00:00
nessus
nessus
Apache Struts 2.0.0 < 2.3.18 RCE (S2-008)
2024-09-24 00:00:00
VMSA-2012-0013 : VMware vSphere and vCOps updates to third-party libraries
2012-08-31 00:00:00
nuclei
nuclei
Apache Struts <2.3.1.1 - Remote Code Execution
2022-11-14 17:41:43
checkpoint_advisories
checkpoint_advisories
Apache Struts Debugging Interceptor Remote Code Execution (CVE-2012-0394)
2014-02-17 00:00:00
ubuntucve
ubuntucve
CVE-2012-0394
2012-01-08 00:00:00
packetstorm
packetstorm
Apache Struts Developer Mode OGNL Execution
2014-02-01 00:00:00
zdt
zdt
Apache Struts Developer Mode OGNL Execution Exploit
2014-02-04 00:00:00
f5
f5
K25570584 : Apache Struts vulnerability CVE-2012-0394
2020-12-11 00:00:00
github
github
Apache Struts's DebuggingInterceptor component allows remote code execution in developer mode
2022-05-04 00:29:43
cvelist
cvelist
CVE-2012-0394
2012-01-08 15:00:00
cve
cve
CVE-2012-0394
2012-01-08 15:55:01
canvas
canvas
Immunity Canvas: STRUTSCODEINJECTION
2012-01-08 15:55:00
openvas
openvas
Apache Struts Security Update (S2-008)
2021-09-14 00:00:00
ibm
ibm
Security Bulletin: Order Management could be subject to multiple cross-site scripting (XSS) vulnerabilities in XWork in Apache Struts 2.x.
2024-04-12 17:35:43
vmware
vmware
VMware vSphere and vCOps updates to third party libraries
2012-08-30 00:00:00

AI Score

9.4

Confidence

High

EPSS

0.938

Percentile

99.1%

JSON
Related for OSV:GHSA-HMVJ-GC9Q-MG9P
nvd1exploitdb2metasploit1prion1dsquare3nessus2nuclei1checkpoint_advisories1ubuntucve1packetstorm1zdt1f51github1cvelist1cve1canvas1openvas1ibm1vmware1