Add S2-016(CVE-2013-2251)

2025-06-20 09:50:49 +00:00 · 2020-04-13 14:43:32 +08:00 · 2020-04-13 14:43:32 +08:00 · 2e0671dd95
commit 2e0671dd95
parent f59f993886
2 changed files with 11 additions and 0 deletions
--- a/Struts2/S2-016(CVE-2013-2251)/README.md
+++ b/Struts2/S2-016(CVE-2013-2251)/README.md
@ -0,0 +1,11 @@
+# S2-016 (CVE-2013-2251) Remote Code Execution Vulnerability
+
+Apache Struts 2.0.0 through 2.3.15 allows remote attackers to execute arbitrary OGNL expressions via a parameter with a crafted (1) action:, (2) redirect:, or (3) redirectAction: prefix.
+
+Affected Version: Apache Struts2 2.0.0 - 2.3.15
+
+FOFA query rule: app="Struts2"
+
+# Demo
+
+![](S2-016.gif)
--- a/Struts2/S2-016(CVE-2013-2251)/S2-016.gif
+++ b/Struts2/S2-016(CVE-2013-2251)/S2-016.gif