// For flags

CVE-2014-0094

Apache Struts ClassLoader Manipulation Remote Code Execution

Severity Score

5.0
*CVSS v2

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

5
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

The ParametersInterceptor in Apache Struts before 2.3.16.2 allows remote attackers to "manipulate" the ClassLoader via the class parameter, which is passed to the getClass method.

ParametersInterceptor en Apache Struts versiones anteriores a 2.3.16.2, permite a atacantes remotos "manipulate" el ClassLoader por medio del parámetro class, que se pasa al método getClass.

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
Low
Authentication
None
Confidentiality
None
Integrity
Partial
Availability
None
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2013-12-03 CVE Reserved
  • 2014-03-06 First Exploit
  • 2014-03-10 CVE Published
  • 2023-10-21 EPSS Updated
  • 2024-08-06 CVE Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
CWE
CAPEC
References (22)
URL Tag Source
http://jvn.jp/en/jp/JVN19294237/index.html Third Party Advisory
http://jvndb.jvn.jp/jvndb/JVNDB-2014-000045 Third Party Advisory
http://packetstormsecurity.com/files/127215/VMware-Security-Advisory-2014-0007.html Third Party Advisory
http://www-01.ibm.com/support/docview.wss?uid=swg21676706 Third Party Advisory
http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-350733.htm Third Party Advisory
http://www.konakart.com/downloads/ver-7-3-0-0-whats-new Third Party Advisory
http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html Third Party Advisory
http://www.securityfocus.com/archive/1/531362/100/0/threaded Mailing List
http://www.securityfocus.com/archive/1/532549/100/0/threaded Mailing List
http://www.securityfocus.com/bid/65999 Third Party Advisory
http://www.securitytracker.com/id/1029876 Third Party Advisory
http://www.vmware.com/security/advisories/VMSA-2014-0007.html Third Party Advisory
http://www.pwntester.com/blog/2014/04/24/struts2-0day-in-the-wild
http://h30499.www3.hp.com/t5/HP-Security-Research-Blog/Update-your-Struts-1-ClassLoader-manipulation-filters/ba-p/6639204
https://github.com/rgielen/struts1filter/tree/develop
URL Date SRC
https://www.exploit-db.com/exploits/33142 2014-05-02
https://www.exploit-db.com/exploits/41690 2014-03-06
https://github.com/y0d3n/CVE-2014-0094 2023-06-15
https://github.com/HasegawaTadamitsu/CVE-2014-0094-test-program-for-struts1 2017-12-24
https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/multi/http/struts_code_exec_classloader.rb 2014-03-06
URL Date SRC
URL Date SRC
http://secunia.com/advisories/56440 2019-08-12
http://struts.apache.org/release/2.3.x/docs/s2-020.html 2014-03-06
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Apache
Search vendor "Apache"
 Struts
Search vendor "Apache" for product "Struts"
 >= 2.0.0 < 2.3.16.1
Search vendor "Apache" for product "Struts" and version " >= 2.0.0 < 2.3.16.1"
-
Affected