### [CVE-2017-5638](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5638)
![](https://img.shields.io/static/v1?label=Product&message=Apache%20Struts&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)

### Description

The Jakarta Multipart parser in Apache Struts 2 2.3.x before 2.3.32 and 2.5.x before 2.5.10.1 has incorrect exception handling and error-message generation during file-upload attempts, which allows remote attackers to execute arbitrary commands via a crafted Content-Type, Content-Disposition, or Content-Length HTTP header, as exploited in the wild in March 2017 with a Content-Type header containing a #cmd= string.

### POC

#### Reference
- http://blog.talosintelligence.com/2017/03/apache-0-day-exploited.html
- http://blog.trendmicro.com/trendlabs-security-intelligence/cve-2017-5638-apache-struts-vulnerability-remote-code-execution/
- http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html
- https://github.com/rapid7/metasploit-framework/issues/8064
- https://isc.sans.edu/diary/22169
- https://packetstormsecurity.com/files/141494/S2-45-poc.py.txt
- https://www.exploit-db.com/exploits/41614/

#### Github
- https://github.com/0day666/Vulnerability-verification
- https://github.com/0x00-0x00/CVE-2017-5638
- https://github.com/0x0d3ad/Kn0ck
- https://github.com/0x4D5352/rekall-penetration-test
- https://github.com/0xConstant/CVE-2017-5638
- https://github.com/0xConstant/ExploitDevJourney
- https://github.com/0xh4di/PayloadsAllTheThings
- https://github.com/0xkasra/CVE-2017-5638
- https://github.com/0xkasra/ExploitDevJourney
- https://github.com/0xm4ud/S2-045-RCE
- https://github.com/0xm4ud/S2-045-and-S2-052-Struts-2-in-1
- https://github.com/20142995/Goby
- https://github.com/20142995/pocsuite3
- https://github.com/20142995/sectool
- https://github.com/3llio0T/Active-
- https://github.com/3vikram/Application-Vulnerabilities-Payloads
- https://github.com/84KaliPleXon3/Payloads_All_The_Things
- https://github.com/ARPSyndicate/cvemon
- https://github.com/ARPSyndicate/kenzer-templates
- https://github.com/Aasron/Struts2-045-Exp
- https://github.com/AdamCrosser/awesome-vuln-writeups
- https://github.com/AndreaOm/awesome-stars
- https://github.com/AndreasKl/CVE-2017-5638
- https://github.com/Badbird3/CVE-2017-5638
- https://github.com/BugBlocker/lotus-scripts
- https://github.com/CMYanko/struts2-showcase
- https://github.com/CVEDB/PoC-List
- https://github.com/CVEDB/awesome-cve-repo
- https://github.com/CVEDB/top
- https://github.com/CrackerCat/myhktools
- https://github.com/Cyberleet1337/Payloadswebhack
- https://github.com/Delishsploits/PayloadsAndMethodology
- https://github.com/DynamicDesignz/Alien-Framework
- https://github.com/ElonMusk2002/Cyber-ed-solutions
- https://github.com/Elsfa7-110/kenzer-templates
- https://github.com/Flyteas/Struts2-045-Exp
- https://github.com/FredBrave/CVE-2017-5638-ApacheStruts2.3.5
- https://github.com/FrostyBackpack/udemy-application-security-the-complete-guide
- https://github.com/GhostTroops/TOP
- https://github.com/GhostTroops/myhktools
- https://github.com/Greynad/struts2-jakarta-inject
- https://github.com/GuynnR/Payloads
- https://github.com/H0j3n/EzpzCheatSheet
- https://github.com/HimmelAward/Goby_POC
- https://github.com/IkerSaint/VULNAPP-vulnerable-app
- https://github.com/Iletee/struts2-rce
- https://github.com/JERRY123S/all-poc
- https://github.com/JSchauert/Penetration-Testing-2
- https://github.com/JSchauert/Project-2-Offensive-Security-CTF
- https://github.com/JShortSona/Jenkins-Struts2
- https://github.com/Jodagh/struts
- https://github.com/K1ngDamien/epss-super-sorter
- https://github.com/Kaizhe/attacker
- https://github.com/KarzsGHR/S2-046_S2-045_POC
- https://github.com/Lawrence-Dean/awesome-stars
- https://github.com/Masahiro-Yamada/OgnlContentTypeRejectorValve
- https://github.com/MelanyRoob/Goby
- https://github.com/Meowmycks/OSCPprep-BlueSky
- https://github.com/Muhammd/Awesome-Payloads
- https://github.com/NCSU-DANCE-Research-Group/CDL
- https://github.com/Nicolasbcrrl/h2_Goat
- https://github.com/Nieuport/PayloadsAllTheThings
- https://github.com/Ostorlab/KEV
- https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors
- https://github.com/PWN-Kingdom/Test_Tasks
- https://github.com/Pav-ksd-pl/PayloadsAllTheThings
- https://github.com/PolarisLab/S2-045
- https://github.com/ProbiusOfficial/Awsome-Sec.CTF-Videomaker
- https://github.com/Prodject/Kn0ck
- https://github.com/Pwera/Anchore-Notes
- https://github.com/QChiLan/jexboss
- https://github.com/R4v3nBl4ck/Apache-Struts-2-CVE-2017-5638-Exploit-
- https://github.com/Ra7mo0on/PayloadsAllTheThings
- https://github.com/RayScri/Struts2-045-RCE
- https://github.com/SexyBeast233/SecBooks
- https://github.com/Soldie/PayloadsAllTheThings
- https://github.com/SpiderMate/Stutsfi
- https://github.com/SunatP/FortiSIEM-Incapsula-Parser
- https://github.com/Tankirat/CVE-2017-5638
- https://github.com/TheTechSurgeon/struts2-rce-public
- https://github.com/TheTechSurgeon/struts2rce
- https://github.com/Threekiii/Awesome-Exploit
- https://github.com/Threekiii/Awesome-POC
- https://github.com/Threekiii/Vulhub-Reproduce
- https://github.com/UNC1739/awesome-vulnerability-research
- https://github.com/XPR1M3/Payloads_All_The_Things
- https://github.com/Xhendos/CVE-2017-5638
- https://github.com/Z0fhack/Goby_POC
- https://github.com/Zero094/Vulnerability-verification
- https://github.com/abaer123/BaerBox-Struts2-RCE
- https://github.com/acpcreation/struts2-rce-public
- https://github.com/albinowax/ActiveScanPlusPlus
- https://github.com/aljazceru/CVE-2017-5638-Apache-Struts2
- https://github.com/alphaSeclab/sec-daily-2019
- https://github.com/amitnandi04/Common-Vulnerability-Exposure-CVE-
- https://github.com/andrewkroh/auditbeat-apache-struts-demo
- https://github.com/andrysec/PayloadsAllVulnerability
- https://github.com/andypitcher/check_struts
- https://github.com/anhtu97/PayloadAllEverything
- https://github.com/anquanscan/sec-tools
- https://github.com/apkadmin/PayLoadsAll
- https://github.com/aylincetin/PayloadsAllTheThings
- https://github.com/bakery312/Vulhub-Reproduce
- https://github.com/battleofthebots/credit-monitoring
- https://github.com/bhagdave/CVE-2017-5638
- https://github.com/bibortone/Jexboss
- https://github.com/bongbongco/cve-2017-5638
- https://github.com/c002/Apache-Struts
- https://github.com/c002/Java-Application-Exploits
- https://github.com/c1apps/c1-apache-struts2
- https://github.com/cafnet/apache-struts-v2-CVE-2017-5638
- https://github.com/chanchalpatra/payload
- https://github.com/colorblindpentester/CVE-2017-5638
- https://github.com/corpbob/struts-vulnerability-demo
- https://github.com/cyberanand1337x/bug-bounty-2022
- https://github.com/d4n-sec/d4n-sec.github.io
- https://github.com/dannymas/FwdSh3ll
- https://github.com/deepfence/apache-struts
- https://github.com/delanAtMergebase/defender-demo
- https://github.com/do0dl3/myhktools
- https://github.com/donaldashdown/Common-Vulnerability-and-Exploit
- https://github.com/eannaratone/struts2-rce
- https://github.com/eeehit/CVE-2017-5638
- https://github.com/eescanilla/Apache-Struts-v3
- https://github.com/envico801/anki-owasp-top-10
- https://github.com/erickfernandox/slicepathsurl
- https://github.com/erickfernandox/slicepathurl
- https://github.com/evolvesecurity/vuln-struts2-vm
- https://github.com/f5oto/hackable
- https://github.com/faisalmemon/picoCTF-JAuth-writeup
- https://github.com/falcon-lnhg/StrutsShell
- https://github.com/falocab/PayloadsAllTheThings
- https://github.com/finos/code-scanning
- https://github.com/finos/security-scanning
- https://github.com/fupinglee/Struts2_Bugs
- https://github.com/ggolawski/struts-rce
- https://github.com/gh0st27/Struts2Scanner
- https://github.com/gmu-swe/rivulet
- https://github.com/gobysec/Goby
- https://github.com/gsfish/S2-Reaper
- https://github.com/gyanaa/https-github.com-joaomatosf-jexboss
- https://github.com/hacking-kubernetes/hacking-kubernetes.info
- https://github.com/haroldBristol/Final_Proj_Paguio
- https://github.com/hellochunqiu/PayloadsAllTheThings
- https://github.com/hktalent/TOP
- https://github.com/hktalent/myhktools
- https://github.com/homjxi0e/CVE-2017-5638
- https://github.com/hook-s3c/CVE-2018-11776-Python-PoC
- https://github.com/huimzjty/vulwiki
- https://github.com/hxysaury/saury-vulnhub
- https://github.com/ice0bear14h/struts2scan
- https://github.com/igorschultz/containerSecurity-demo
- https://github.com/immunio/apache-struts2-CVE-2017-5638
- https://github.com/initconf/CVE-2017-5638_struts
- https://github.com/injcristianrojas/cve-2017-5638
- https://github.com/invisiblethreat/strutser
- https://github.com/iqrok/myhktools
- https://github.com/izapps/c1-apache-struts2
- https://github.com/jas502n/S2-045-EXP-POC-TOOLS
- https://github.com/jas502n/st2-046-poc
- https://github.com/java-benchmark/struts2-showcase
- https://github.com/jbmihoub/all-poc
- https://github.com/jiridoubek/waf-basic_p2
- https://github.com/jnicastro-Sonatype/struts2-rce-github-flo-public
- https://github.com/joaomatosf/jexboss
- https://github.com/jongmartinez/CVE-2017-5638
- https://github.com/jorgevillaescusa/c1-apache-struts2
- https://github.com/jpacora/Struts2Shell
- https://github.com/jptr218/struts_hack
- https://github.com/jrrdev/cve-2017-5638
- https://github.com/jrrombaldo/CVE-2017-5638
- https://github.com/jye64/Hacking2
- https://github.com/k0imet/pyfetch
- https://github.com/kine90/Cybersecurity
- https://github.com/kk98kk0/Payloads
- https://github.com/kkolk/devsecops-pipeline-demo
- https://github.com/knownsec/pocsuite3
- https://github.com/ksw9722/PayloadsAllTheThings
- https://github.com/kyawthiha7/pentest-methodology
- https://github.com/leandrocamposcardoso/CVE-2017-5638-Mass-Exploit
- https://github.com/likescam/Apache-Struts-v3
- https://github.com/linchong-cmd/BugLists
- https://github.com/lizhi16/CVE-2017-5638
- https://github.com/lnick2023/nicenice
- https://github.com/lolwaleet/ExpStruts
- https://github.com/ludy-dev/XworkStruts-RCE
- https://github.com/lukaszknysak/F5-Advanced-Web-Application-Firewall
- https://github.com/m3ssap0/struts2_cve-2017-5638
- https://github.com/m4udSec/S2-045-RCE
- https://github.com/m4udSec/S2-045-and-S2-052-Struts-2-in-1
- https://github.com/maoo/security-scanning
- https://github.com/matt-bentley/KubernetesHackDemo
- https://github.com/mazen160/struts-pwn
- https://github.com/mcassano/cve-2017-5638
- https://github.com/merlinepedra/nuclei-templates
- https://github.com/merlinepedra25/nuclei-templates
- https://github.com/mfdev-solution/Exploit-CVE-2017-5638
- https://github.com/mike-williams/Struts2Vuln
- https://github.com/milkdevil/jexboss
- https://github.com/mrhacker51/ReverseShellCommands
- https://github.com/mritunjay-k/CVE-2017-5638
- https://github.com/mthbernardes/strutszeiro
- https://github.com/mussar0x4D5352/rekall-penetration-test
- https://github.com/nevidimk0/PayloadsAllTheThings
- https://github.com/nightfallai/pii-leak-prevention-guide
- https://github.com/nixawk/labs
- https://github.com/nnayar-r2c/finos-security-scanning
- https://github.com/octodemo/Moose-Dependabot-Twitch
- https://github.com/oktavianto/CVE-2017-5638-Apache-Struts2
- https://github.com/oneplus-x/MS17-010
- https://github.com/oneplus-x/Sn1per
- https://github.com/oneplus-x/jok3r
- https://github.com/opt9/Strutscli
- https://github.com/opt9/Strutshock
- https://github.com/ozkanbilge/Apache-Struts
- https://github.com/ozkanbilge/Payloads
- https://github.com/paralelo14/CVE_2017_5638
- https://github.com/paralelo14/google_explorer
- https://github.com/pasannirmana/Aspire
- https://github.com/payatu/CVE-2017-5638
- https://github.com/pctF/vulnerable-app
- https://github.com/pekita1/awesome-stars
- https://github.com/pmihsan/Jex-Boss
- https://github.com/pr0x1ma-byte/cybersecurity-struts2
- https://github.com/pr0x1ma-byte/cybersecurity-struts2-send
- https://github.com/pthiagu2/Security-multi-stage-data-analysis
- https://github.com/qashqao/jexboss
- https://github.com/qazbnm456/awesome-cve-poc
- https://github.com/random-robbie/CVE-2017-5638
- https://github.com/ranjan-prp/PayloadsAllTheThings
- https://github.com/raoufmaklouf/cve5scan
- https://github.com/ravijainpro/payloads_xss
- https://github.com/readloud/CVE-2017-5638
- https://github.com/rebujacker/CVEPoCs
- https://github.com/ret2jazzy/Struts-Apache-ExploitPack
- https://github.com/retr0-13/Goby
- https://github.com/riyazwalikar/struts-rce-cve-2017-5638
- https://github.com/rusty-sec/lotus-scripts
- https://github.com/s1kr10s/Apache-Struts-v4
- https://github.com/sUbc0ol/Apache-Struts-CVE-2017-5638-RCE-Mass-Scanner
- https://github.com/sUbc0ol/Apache-Struts2-RCE-Exploit-v2-CVE-2017-5638
- https://github.com/samba234/Sniper
- https://github.com/samq-randcorp/struts-demo
- https://github.com/samq-wsdemo/struts-demo
- https://github.com/samqbush/struts2-showcase
- https://github.com/samuelproject/ApacheStruts2
- https://github.com/sealmindset/struts2rce
- https://github.com/secretmike/demo-app
- https://github.com/seeewhy/sonatype-nexus-community
- https://github.com/shawnmckinney/remote-code-execution-sample
- https://github.com/sjitech/test_struts2_vulnerability_CVE-2017-5638
- https://github.com/sn-ravance/struts2-rce
- https://github.com/snovvcrash/FwdSh3ll
- https://github.com/sobinge/--1
- https://github.com/sobinge/PayloadsAllTheThings
- https://github.com/sobinge/PayloadsAllThesobinge
- https://github.com/sobinge/nuclei-templates
- https://github.com/sonatype-workshops/struts2-rce
- https://github.com/sotudeko/struts2-rce
- https://github.com/stillHere3000/KnownMalware
- https://github.com/stnert/cybersec-pwn-pres
- https://github.com/syadg123/exboss
- https://github.com/tahmed11/strutsy
- https://github.com/tdcoming/Vulnerability-engine
- https://github.com/testpilot031/vulnerability_struts-2.3.31
- https://github.com/tomgranados/struts-rce
- https://github.com/touchmycrazyredhat/myhktools
- https://github.com/trapp3rhat/CVE-shellshock
- https://github.com/trhacknon/myhktools
- https://github.com/tsheth/JavaStruts-App-Terraform
- https://github.com/uiucseclab/RemoteKit
- https://github.com/un4ckn0wl3z/CVE-2017-5638
- https://github.com/unusualwork/Sn1per
- https://github.com/wangeradd1/MyPyExploit
- https://github.com/we45/AppSec-Automation-Instructions
- https://github.com/weeka10/-hktalent-TOP
- https://github.com/whoadmin/pocs
- https://github.com/win3zz/CVE-2017-5638
- https://github.com/winterwolf32/PayloadsAllTheThings
- https://github.com/woods-sega/woodswiki
- https://github.com/wwwSong/song
- https://github.com/xbl3/awesome-cve-poc_qazbnm456
- https://github.com/xeroxis-xs/Computer-Security-Apache-Struts-Vulnerability
- https://github.com/xsscx/cve-2017-5638
- https://github.com/ynsmroztas/Apache-Struts-V4
- https://github.com/zacharie410/Exploiting-Web-Apps
- https://github.com/zema1/oracle-vuln-crawler