add S2-061

2025-05-05 10:16:59 +00:00 · 2020-12-16 10:39:16 +08:00 · 2020-12-16 10:39:16 +08:00 · 04c173e86f
commit 04c173e86f
parent 099ff419ff
2 changed files with 12 additions and 0 deletions
--- a/Struts2/S2-061(CVE-2020-17530)/README.md
+++ b/Struts2/S2-061(CVE-2020-17530)/README.md
@ -0,0 +1,12 @@
+# S2-061 (CVE-2020-17530) Remote Code Execution Vulnerability
+
+Forced OGNL evaluation, when evaluated on raw user input in tag attributes, may lead to remote code execution. Affected software : Apache Struts 2.0.0 - Struts 2.5.25.
+
+**Affected version**: Apache Struts 2.0.0 - Struts 2.5.25
+
+**[FOFA](https://fofa.so/result?qbase64=YXBwPSJTdHJ1dHMyIg%3D%3D) query rule**: app="Struts2"
+
+# Demo
+
+![](S2-061.gif)
+
--- a/Struts2/S2-061(CVE-2020-17530)/S2-061.gif
+++ b/Struts2/S2-061(CVE-2020-17530)/S2-061.gif