id: CVE-2019-0230 info: name: Apache Struts <=2.5.20 - Remote Code Execution author: geeknik severity: critical description: Apache Struts 2.0.0 to 2.5.20 forced double OGNL evaluation when evaluated on raw user input in tag attributes, which may lead to remote code execution. reference: - https://nvd.nist.gov/vuln/detail/CVE-2019-0230 - https://cwiki.apache.org/confluence/display/WW/S2-059 - https://www.tenable.com/blog/cve-2019-0230-apache-struts-potential-remote-code-execution-vulnerability - http://packetstormsecurity.com/files/160108/Apache-Struts-2.5.20-Double-OGNL-Evaluation.html classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cve-id: CVE-2019-0230 cwe-id: CWE-915 tags: struts,rce,cve,cve2019,apache requests: - method: GET path: - "{{BaseURL}}/?id=nuclei%25{128*128}" matchers: - type: word part: body words: - "nuclei16384" # Enhanced by mp on 2022/05/16