HPE Security Bulletin HPESBGN03733 1 - A potential security vulnerability in Jakarta Multipart parser in Apache Struts has been addressed in HPE Universal CMDB. This vulnerability could be remotely exploited to allow code execution via mishandled file upload. Revision 1 of this advisory.
203b21286e8f35dd6f52eec0b3e4bbb43621d80d6ac0d878939de5e01acf4c15HPE Security Bulletin HPESBHF03723 1 - A potential security vulnerability has been identified in HPE Aruba ClearPass Policy Manager. The vulnerability could be remotely exploited to allow execution of code. **Note:** The ClearPass Policy Manager administrative Web interface is affected by the vulnerability. ClearPass Guest, Insight, and Graphite are NOT impacted. Revision 1 of this advisory.
d6e597c7bb73b8b7ba06f660e94513f08f799d97c77d1c9cf31cc41c314e3fa6This Metasploit module exploits a remote code execution vulnerability in Apache Struts version 2.3.5 - 2.3.31, and 2.5 - 2.5.10. Remote Code Execution can be performed via http Content-Type header. Native payloads will be converted to executables and dropped in the server's temp dir. If this fails, try a cmd/* payload, which won't have to write to the disk.
0d1583b3fe45147f90ce781625616136ad2241ae276309d87b001d39d32dddbcApache Struts 2 versions 2.3.x before 2.3.32 and 2.5.x before 2.5.10.1 remote code execution exploit that provides a reverse shell.
4249528b5e1ce3828e6c7e9ef9bd8ccc0bce85f9d2c31917b250f9169e585612
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed