Exploit for CVE-2024-53677

Name: Exploit for CVE-2024-53677
Rating: 5 (380 reviews)

2024-12-23 | CVSS 9.5

## https://sploitus.com/exploit?id=4BC3D7C0-E729-5E89-9454-D8D8A6FFF7AD
# CVE-2024-53677 - Apache Struts 2 Root Cause Analysis Lab Environment

This repository provides a Docker-based environment to reproduce the CVE-2024-53677 vulnerability in Apache Struts 2. This vulnerability involves path traversal through the file upload functionality in Struts 2.

## Source

This lab environment is based on my blog post - [CVE-2024-53677 - Apache Struts File Upload Vulnerability leading to RCE](https://blogs.hiteshpatra.in/cve-2024-53677-apache-struts-file-upload-vulnerability-leading-to-rce)


## Setup Instructions

The environment can be built and run using Docker. Follow these steps to set up the application:

```sh
git clone https://github.com/0xdeviner/CVE-2024-53677.git
cd CVE-2024-53677 
docker build -t apache-struts2-cve-2024-53677 .
docker run -p 8080:8080 -itd --name apache-struts2 apache-struts2-cve-2024-53677
curl http://IP:8080/upload
```