## https://sploitus.com/exploit?id=SAINT:5FFE46B76C6892DB5C15655882B0A5F8
Added: 12/20/2023  


### Background

Apache Struts is an open-source web application framework for developing Java EE web applications. It uses and extends the Java Servlet API to encourage developers to adopt a model-view-controller (MVC) architecture. 

### Problem

A directory traversal vulnerability in Apache Struts (CVE-2023-50164, S2-066) allows remote attackers to upload files to arbitrary locations on the server, leading to command execution. 

### Resolution

[Upgrade](<https://struts.apache.org/download.cgi>) to Struts 2.5.33 or 6.3.0.2 or higher. 

### References

<https://cwiki.apache.org/confluence/display/WW/S2-066>  
<https://www.vicarius.io/vsociety/posts/apache-struts-rce-cve-2023-50164>  


### Limitations

The vulnerability can only be exploited if a Struts application allows file uploads. This exploit only works if Struts is running on Tomcat. 

On success, this exploit creates a web application named sntxp on the target, which must be removed manually.