{"vulnerability": "cve-2018-11776", "sightings": [{"uuid": "5931ebc8-94af-41e2-8f2e-82f168a04b89", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2018-11776", "type": "seen", "source": "MISP/5b7ff438-d2bc-44c0-8929-0a520a950b0c", "content": "", "creation_timestamp": "2018-08-24T12:08:34.000000Z"}, {"uuid": "2c4adfad-cb79-422d-b330-247fb0d432b5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2018-11776", "type": "seen", "source": "MISP/5b91098e-5000-472d-8d74-2f72c0a8ab16", "content": "", "creation_timestamp": "2018-09-06T11:13:32.000000Z"}, {"uuid": "3c6b0074-333f-4e70-b714-a612ef7c619b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2018-11776", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2021-11-20T09:53:52.000000Z"}, {"uuid": "584bcc33-0428-4a5e-b852-f0c66a7943d9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2018-11776", "type": "seen", "source": "MISP/f5030aca-7d5a-43a4-ae03-8f4ac8e85422", "content": "", "creation_timestamp": "2021-11-08T08:58:16.000000Z"}, {"uuid": "0ca8c392-a6d8-4d94-b551-28e39513d27e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2018-11776", "type": "exploited", "source": "https://www.exploit-db.com/exploits/45367", "content": "", "creation_timestamp": "2018-09-10T00:00:00.000000Z"}, {"uuid": "2d29c247-ae0e-4578-ba3d-647e907489f5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2018-11776", "type": "seen", "source": "https://feedsin.space/feed/CISAKevBot/items/2971150", "content": "", "creation_timestamp": "2024-12-24T20:24:59.449603Z"}, {"uuid": "f55c4db7-f31d-428b-953b-037b4a3888c2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2018-11776", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/multi/http/struts2_namespace_ognl.rb", "content": "", "creation_timestamp": "2018-09-07T20:01:40.000000Z"}, {"uuid": "308075dd-0485-4fc8-becf-1b1406752beb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2018-11776", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-06T03:13:43.000000Z"}, {"uuid": "c792ddb0-ad64-4649-aaad-97c5c61a17a3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2018-11776", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-02-23T02:09:40.000000Z"}, {"uuid": "d10811bb-2b2f-4de7-afd8-cac5f44af549", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2018-11776", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-23T04:10:03.000000Z"}, {"uuid": "7c5a9378-870c-4e9a-978f-a47e2714530a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2018-11776", "type": "seen", "source": "https://gist.github.com/c0axial/f499717d0046678e19e2f0d43b9d4b55", "content": "", "creation_timestamp": "2025-08-14T14:03:30.000000Z"}, {"uuid": "282c2873-9cb4-4c47-a756-4254c51531c5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2018-11776", "type": "seen", "source": "https://gist.github.com/christiankopac/0797838ab2b306060a09390db0528458", "content": "", "creation_timestamp": "2026-01-20T10:25:51.000000Z"}, {"uuid": "397c3bfd-841f-455e-af6b-891333957d97", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2018-11776", "type": "published-proof-of-concept", "source": "Telegram/JusVb9Cc6NiD4ZV5qyRFR5F7ymVUdBlx_MvN3LUfquoayMc", "content": "", "creation_timestamp": "2025-09-10T14:18:42.000000Z"}, {"uuid": "c03e1e83-5086-48b2-8bed-0d60c24d7b37", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2018-11776", "type": "seen", "source": "https://www.kyberturvallisuuskeskus.fi/fi/apache-struts-sovelluskehyksessa-haavoittuvuus", "content": "", "creation_timestamp": "2018-12-31T08:49:09.000000Z"}, {"uuid": "5c1a2668-70cb-4e46-bf48-78507207c6a2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2018-11776", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/ebf9e340-0d7c-45b5-917a-ae1fdb127b37", "content": "", "creation_timestamp": "2026-02-02T12:28:35.820235Z"}, {"uuid": "8d4ea368-afe6-48e5-a445-72b58fc47664", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2018-11776", "type": "published-proof-of-concept", "source": "https://github.com/google/tsunami-security-scanner-plugins/tree/master/google/detectors/rce/cve201811776", "content": "", "creation_timestamp": "2021-02-05T21:43:47.000000Z"}, {"uuid": "3d13a956-40f6-4038-a634-9950015348c7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2018-11776", "type": "seen", "source": "https://www.govcert.gov.hk/en/alerts_detail.php?id=319", "content": "", "creation_timestamp": "2018-08-23T04:00:00.000000Z"}, {"uuid": "75d7e688-4a66-4437-b3a9-d7331ef7e024", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2018-11776", "type": "exploited", "source": "https://t.me/BleepingComputer/3615", "content": "Active Attacks Detected Using Apache Struts Vulnerability CVE-2018-11776\n\nAfter last week a security researcher revealed a vulnerability in Apache Struts, a piece of very popular enterprise software, active exploitation attempts have started this week. [...]\n\nhttps://www.bleepingcomputer.com/news/security/active-attacks-detected-using-apache-struts-vulnerability-cve-2018-11776/", "creation_timestamp": "2018-08-28T17:35:10.000000Z"}, {"uuid": "876b9146-7828-4ad4-8655-41056955fe32", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2018-11776", "type": "published-proof-of-concept", "source": "https://t.me/ctinow/2082", "content": "Thoughts on the Latest Apache Struts Vulnerability  CVE-2018-11776 operates at a far deeper level within the code than all prior Struts vulnerabilities. This requires a greater understanding of the Struts code itself as well as the various libraries used by Struts. https://www.darkreading.com/application-security/thoughts-on-the-latest-apache-struts-vulnerability-/a/d-id/1332716?_mc=rss_x_drr_edt_aud_dr_x_x-rss-simple", "creation_timestamp": "2018-09-05T16:43:12.000000Z"}, {"uuid": "69c64b71-dd2d-463d-8072-ad6f37992d3b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2018-11776", "type": "exploited", "source": "https://t.me/ctinow/1766", "content": "Active Attacks Detected Using Apache Struts Vulnerability CVE-2018-11776 - by @campuscodi\nhttps://t.co/tKSkQSBXxv http://twitter.com/BleepinComputer/status/1034480540420907008", "creation_timestamp": "2018-08-28T18:46:36.000000Z"}, {"uuid": "81212d09-8282-48ac-80d5-9804e53aabaa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2018-11776", "type": "exploited", "source": "https://t.me/ctinow/1802", "content": "RT @BleepinComputer: Active Attacks Detected Using Apache Struts Vulnerability CVE-2018-11776 - by @campuscodi\nhttps://t.co/tKSkQSBXxv http://twitter.com/BleepinComputer/status/1034622664676126725", "creation_timestamp": "2018-08-29T04:11:14.000000Z"}, {"uuid": "67cef69c-7621-444a-8e09-d66938d82af3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2018-11776", "type": "seen", "source": "https://t.me/arpsyndicate/1515", "content": "#ExploitObserverAlert\n\nCVE-2018-11776\n\nDESCRIPTION: Exploit Observer has 175 entries related to CVE-2018-11776. Apache Struts versions 2.3 to 2.3.34 and 2.5 to 2.5.16 suffer from possible Remote Code Execution when alwaysSelectFullNamespace is true (either by user or a plugin like Convention Plugin) and then: results are used with no namespace and in same time, its upper package have no or wildcard namespace and similar to results, same possibility when using url tag which doesn't have value and action set and in same time, its upper package have no or wildcard namespace.\n\nFIRST-EPSS: 0.975500000\nNVD-IS: 5.9\nNVD-ES: 2.2", "creation_timestamp": "2023-12-06T17:09:36.000000Z"}, {"uuid": "a9418a03-338a-4ef9-b9fb-5387b0774af0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2018-11776", "type": "seen", "source": "https://t.me/true_secator/2035", "content": "\u200b\u200b\u0410\u0434\u043c\u0438\u043d\u0430\u043c \u043d\u0430 \u0437\u0430\u043c\u0435\u0442\u043a\u0443! \n\n\u0415\u0441\u043b\u0438 \u0432\u044b \u043d\u0435 \u0437\u043d\u0430\u043b\u0438 \u0447\u0435\u043c \u0441\u0435\u0431\u044f \u0437\u0430\u043d\u044f\u0442\u044c \u0432 \u0431\u043b\u0438\u0436\u0430\u0439\u0448\u0438\u0435 \u0431\u0443\u0434\u043d\u0438, \u0442\u043e \u0441\u0430\u043c\u043e\u0435 \u0432\u0440\u0435\u043c\u044f \u043f\u0440\u043e\u0432\u0435\u0441\u0442\u0438 \u0440\u0435\u0432\u0438\u0437\u0438\u044e \u0441\u0435\u0442\u0435\u0439 \u0441\u0432\u043e\u0435\u0439 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438 \u043d\u0430 \u043f\u0440\u0435\u0434\u043c\u0435\u0442 \u043d\u0430\u043b\u0438\u0447\u0438\u044f \u0441\u0430\u043c\u044b\u0445 \u043f\u043e\u043f\u0443\u043b\u044f\u0440\u043d\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439.\n\n\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c\u0438 Trend Micro \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u0435\u043d \u0430\u0440\u0441\u0435\u043d\u0430\u043b \u0445\u0430\u043a\u0435\u0440\u043e\u0432 \u0438\u0437 \u0422\u041e\u041f-15 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u043c\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0432 Linux:\n\n- CVE-2017-9805: \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u043b\u0430\u0433\u0438\u043d\u0430 REST \u0434\u043b\u044f Apache Struts 2, XStream RCE.\n- CVE-2018-7600: \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c Drupal Core RCE.\n- CVE-2020-14750: \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c Oracle WebLogic Server RCE.\n- CVE-2020-25213: \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c RCE \u043f\u043b\u0430\u0433\u0438\u043d\u0430 WordPress File Manager (wp-file-manager).\n- CVE-2020-17496: \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c RCE \u0432  \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0435 \u043f\u043e\u0434\u043b\u0438\u043d\u043d\u043e\u0441\u0442\u0438 \u0432 vBulletin subwidgetConfig\n- CVE-2020-11651: \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u0430\u044f \u0441 \u0431\u0430\u0433\u043e\u0432 \u0432 \u0430\u0432\u0442\u043e\u0440\u0438\u0437\u0430\u0446\u0438\u0438 SaltStack Salt.\n- CVE-2017-12611: \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c RCE \u0432 \u0432\u044b\u0440\u0430\u0436\u0435\u043d\u0438\u0438 OGNL \u0432 Apache Struts.\n- CVE-2017-7657: \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u0430\u044f \u0441 \u0446\u0435\u043b\u043e\u0447\u0438\u0441\u043b\u0435\u043d\u043d\u044b\u043c \u043f\u0435\u0440\u0435\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435\u043c \u0434\u043b\u0438\u043d\u044b \u0431\u043b\u043e\u043a\u0430 Eclipse Jetty.\n- CVE-2021-29441: \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043e\u0431\u0445\u043e\u0434\u0430 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 Alibaba Nacos AuthFilter.\n- CVE-2020-14179: \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c Atlassian Jira, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u0430\u044f \u0441 \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u0438\u0435\u043c \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438.\n- CVE-2013-4547: Nginx \u0441\u043e\u0437\u0434\u0430\u043b \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0434\u043b\u044f \u043e\u0431\u0445\u043e\u0434\u0430 \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u0438\u044f \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u0432 \u0441\u0442\u0440\u043e\u043a\u0435 URI.\n- CVE-2019-0230: \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c Apache Struts 2 RCE.\n- CVE-2018-11776: \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c RCE \u0432 \u0432\u044b\u0440\u0430\u0436\u0435\u043d\u0438\u0438 OGNL \u0432 Apache Struts.\n- CVE-2020-7961: \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043d\u0435\u043d\u0430\u0434\u0435\u0436\u043d\u043e\u0439 \u0434\u0435\u0441\u0435\u0440\u0438\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0438 Liferay Portal.\n\n\u0420\u0430\u0431\u043e\u0442\u043d\u0435\u043c, \u043f\u043e\u0436\u0430\u043b\u0443\u0439.", "creation_timestamp": "2021-08-25T13:22:18.000000Z"}, {"uuid": "2d578070-eac5-47f2-8444-2e52f5319b0f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2018-11776", "type": "seen", "source": "https://t.me/thehackernews/53", "content": "\u26a1Important \u2014 a new critical RCE vulnerability (CVE-2018-11776) discovered in the \"Apache Struts\" framework that could let remote hackers take over affected web servers.\n\nhttps://thehackernews.com/2018/08/apache-struts-vulnerability.html", "creation_timestamp": "2018-08-22T16:34:28.000000Z"}, {"uuid": "91ea588b-eb1b-4206-983b-ab5cb9c6a314", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2018-11776", "type": "published-proof-of-concept", "source": "https://t.me/canyoupwnme/4293", "content": "struts-pwn_CVE-2018-11776\nhttps://github.com/mazen160/struts-pwn_CVE-2018-11776", "creation_timestamp": "2018-08-27T11:42:16.000000Z"}, {"uuid": "ea450bd9-c88d-46df-adb1-260f4a2b7570", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2018-11776", "type": "seen", "source": "https://t.me/SecLabNews/2972", "content": "\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044c \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438 Semmle \u041c\u0430\u043d\u044c \u042e\u044d \u041c\u043e (Man Yue Mo) \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b \u0432 \u043f\u043e\u043f\u0443\u043b\u044f\u0440\u043d\u043e\u043c \u0444\u0440\u0435\u0439\u043c\u0432\u043e\u0440\u043a\u0435 \u0434\u043b\u044f web-\u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u0439 Apache Struts \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0443\u044e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c (CVE-2018-11776). \u041f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 \u044f\u0434\u0440\u043e \u0444\u0440\u0435\u0439\u043c\u0432\u043e\u0440\u043a\u0430 \u0438 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043a\u043e\u0434.    \n\u0412 Apache Struts \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0430 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c", "creation_timestamp": "2018-08-23T09:39:35.000000Z"}, {"uuid": "bf37e011-a98d-4848-838a-f5033c427946", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2018-11776", "type": "published-proof-of-concept", "source": "https://t.me/SecLabNews/2993", "content": "\u0412 \u043f\u044f\u0442\u043d\u0438\u0446\u0443, 24 \u0430\u0432\u0433\u0443\u0441\u0442\u0430, \u0432 \u0440\u0435\u043f\u043e\u0437\u0438\u0442\u043e\u0440\u0438\u0438 \u043d\u0430 GitHub \u043f\u043e\u044f\u0432\u0438\u043b\u0441\u044f PoC-\u044d\u043a\u0441\u043f\u043b\u043e\u0438\u0442 \u0434\u043b\u044f \u043d\u0435\u0434\u0430\u0432\u043d\u043e \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043d\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 Apache Struts (CVE-2018-11776). \u0412\u043c\u0435\u0441\u0442\u0435 \u0441 PoC-\u044d\u043a\u0441\u043f\u043b\u043e\u0438\u0442\u043e\u043c \u0442\u0430\u043a\u0436\u0435 \u0431\u044b\u043b \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d \u0443\u043f\u0440\u043e\u0449\u0430\u044e\u0449\u0438\u0439 \u0435\u0433\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0441\u043a\u0440\u0438\u043f\u0442 \u043d\u0430 Python.    \n\u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d PoC-\u044d\u043a\u0441\u043f\u043b\u043e\u0438\u0442 \u0434\u043b\u044f \u043d\u043e\u0432\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 Apache Struts", "creation_timestamp": "2018-08-27T09:43:29.000000Z"}, {"uuid": "abb47295-462e-4b31-b90c-7be92ac60766", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2018-11776", "type": "exploited", "source": "https://t.me/SecLabNews/3010", "content": "\u041d\u0430 \u043f\u0440\u043e\u0448\u043b\u043e\u0439 \u043d\u0435\u0434\u0435\u043b\u0435 SecurityLab \u0441\u043e\u043e\u0431\u0449\u0430\u043b \u043e\u0431 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 Apache Struts (CVE-2018-11776), \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0435\u0439 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043a\u043e\u0434 \u0438 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u044c \u043d\u0430\u0434 \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u044f\u043c\u0438 \u043d\u0430 \u0431\u0430\u0437\u0435 Apache Struts. \u0422\u0435\u043f\u0435\u0440\u044c \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0441\u0442\u0430\u043b\u0438 \u0444\u0438\u043a\u0441\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0430\u043a\u0442\u0438\u0432\u043d\u044b\u0435 \u0430\u0442\u0430\u043a\u0438 \u0441 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435\u043c \u0434\u0430\u043d\u043d\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438.    \n\u041d\u043e\u0432\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 Apache Struts \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0441\u044f \u0432 \u0430\u0442\u0430\u043a\u0430\u0445", "creation_timestamp": "2018-08-29T08:13:04.000000Z"}, {"uuid": "fd896d36-1a5a-4b88-933a-a061714eaf2a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2018-11776", "type": "exploited", "source": "https://t.me/SecLabNews/3091", "content": "\u0412 \u0441\u0440\u0435\u0434\u0443, 5 \u0441\u0435\u043d\u0442\u044f\u0431\u0440\u044f, \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u044f Cisco \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438, \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u044f\u044e\u0449\u0438\u0435 32 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 \u0435\u0435 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u0430\u0445. \u0422\u0440\u0438 \u0438\u0437 \u043d\u0438\u0445 \u043e\u0431\u043e\u0437\u043d\u0430\u0447\u0435\u043d\u044b \u043a\u0430\u043a \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0435, \u0432 \u0442\u043e\u043c \u0447\u0438\u0441\u043b\u0435 \u043d\u0430\u0448\u0443\u043c\u0435\u0432\u0448\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2018-11776 \u0432  Apache Struts, \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u043c\u0430\u044f \u0432 \u0440\u0435\u0430\u043b\u044c\u043d\u044b\u0445 \u043a\u0438\u0431\u0435\u0440\u0430\u0442\u0430\u043a\u0430\u0445. \u041e\u0441\u0442\u0430\u043b\u044c\u043d\u044b\u0435 \u0434\u0432\u0435 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u044e\u0442 Cisco Umbrella API, \u0430 \u0442\u0430\u043a\u0436\u0435 \u0438\u043d\u0442\u0435\u0440\u0444\u0435\u0439\u0441 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u043c\u0430\u0440\u0448\u0440\u0443\u0442\u0438\u0437\u0430\u0442\u043e\u0440\u0430\u043c\u0438 Cisco RV110W, RV130W \u0438 RV215W.    \nCisco \u0438\u0441\u043f\u0440\u0430\u0432\u0438\u043b\u0430 32 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 \u0441\u0432\u043e\u0438\u0445 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u0430\u0445", "creation_timestamp": "2018-09-07T10:05:23.000000Z"}, {"uuid": "fe05c1d6-ac09-41f6-b57f-c3632027340c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2018-11776", "type": "seen", "source": "https://t.me/VulnerabilityNews/1037", "content": "#0daytoday #Apache Struts 2.x Remote Code Execution Vulnerability CVE-2018-11776 [remote #exploits #Vulnerability #0day #Exploit]\nRead More", "creation_timestamp": "2018-08-24T17:53:29.000000Z"}, {"uuid": "72c7bb71-d1fc-4b00-8fff-6773d9eeeb4c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2018-11776", "type": "published-proof-of-concept", "source": "https://t.me/alexmakus/2336", "content": "\u041f\u0440\u0438\u0432\u0435\u0442! \u0421\u0435\u0433\u043e\u0434\u043d\u044f \u043a\u0430\u043a-\u0442\u043e \u043c\u043d\u043e\u0433\u043e \u0445\u043e\u0440\u043e\u0448\u0438\u0445 \u043d\u043e\u0432\u043e\u0441\u0442\u0435\u0439 \u0441\u0440\u0430\u0437\u0443 \u043d\u0430\u0431\u0440\u0430\u043b\u043e\u0441\u044c:\n\n- \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 \u0444\u0440\u0435\u0439\u043c\u0432\u043e\u0440\u043a\u0435 Apache struts, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u043c\u0443 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u044c \u043d\u0430\u0434 \u0441\u0430\u0439\u0442\u043e\u043c\nhttps://lgtm.com/blog/apache_struts_CVE-2018-11776\n\n\u0410\u043f\u0434\u0435\u0439\u0442 \u0443\u0436\u0435 \u0432\u044b\u0448\u0435\u043b, \u0435\u0441\u0442\u044c \u0441\u043c\u044b\u0441\u043b \u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c\u0441\u044f\nhttps://thehackernews.com/2018/08/apache-struts-vulnerability.html\n\n- \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 MS Office 2016 \u0434\u043b\u044f \u041c\u0430\u043a\u0430. \u0422\u0430\u043c \u043e\u0431\u0445\u043e\u0434\u0438\u0442\u0441\u044f \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0430 \u043f\u043e\u0434\u043f\u0438\u0441\u0438 \u0432 \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u0449\u0438\u043a\u0435, \u0447\u0442\u043e \u043f\u0440\u0438\u0432\u043e\u0434\u0438\u0442 \u043a \u044d\u0441\u043a\u0430\u043b\u0430\u0446\u0438\u0438 \u043f\u0440\u0438\u0432\u0435\u043b\u0435\u0433\u0438\u0439 \u0434\u043e \u0440\u0443\u0442\u043e\u0432\u044b\u0445. \u041e\u043f\u0430\u0441\u043d\u043e, \u0435\u0441\u043b\u0438, \u043d\u0430\u043f\u0440\u0438\u043c\u0435\u0440, \u043a\u0442\u043e-\u0442\u043e \u0440\u0435\u0448\u0438\u043b \u0441\u044d\u043a\u043e\u043d\u043e\u043c\u0438\u0442\u044c \u0438 \u0441\u043a\u0430\u0447\u0430\u0442\u044c \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u0449\u0438\u043a \u0438\u0437 \u043a\u0430\u043a\u043e\u0433\u043e-\u043d\u0438\u0431\u0443\u0434\u044c \u0442\u043e\u0440\u0440\u0435\u043d\u0442\u0430. \u0422\u043e\u0436\u0435 \u0432\u044b\u0448\u0435\u043b \u0430\u043f\u0434\u0435\u0439\u0442, \u0432\u0435\u0440\u0441\u0438\u044f 18081201. \u0412\u044b \u0437\u043d\u0430\u0435\u0442\u0435, \u0447\u0442\u043e \u0434\u0435\u043b\u0430\u0442\u044c.\n\nhttps://medium.com/0xcc/cve-2018-8412-ms-office-2016-for-mac-privilege-escalation-via-a-legacy-package-7fccdbf71d9b", "creation_timestamp": "2018-08-23T07:27:08.000000Z"}, {"uuid": "e1b81fb6-d410-41e0-8df1-e7f70354ca98", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2018-11776", "type": "seen", "source": "https://t.me/arpsyndicate/1038", "content": "#ExploitObserverAlert\n\nCVE-2018-11776\n\nDESCRIPTION: Exploit Observer has 175 entries related to CVE-2018-11776. Apache Struts versions 2.3 to 2.3.34 and 2.5 to 2.5.16 suffer from possible Remote Code Execution when alwaysSelectFullNamespace is true (either by user or a plugin like Convention Plugin) and then: results are used with no namespace and in same time, its upper package have no or wildcard namespace and similar to results, same possibility when using url tag which doesn't have value and action set and in same time, its upper package have no or wildcard namespace.\n\nFIRST-EPSS: 0.975500000\nNVD-IS: 5.9\nNVD-ES: 2.2", "creation_timestamp": "2023-12-03T21:53:55.000000Z"}, {"uuid": "787ee50d-6c31-4eee-a273-6c5fbc51eb05", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2018-11776", "type": "seen", "source": "https://t.me/netrunnerz/424", "content": "Apache-Struts-v4\nCVE-2013-2251\nCVE-2017-5638\nCVE-2017-9805\nCVE-2018-11776\nCVE-2019-0230\n\n\u0421\u043a\u0440\u0438\u043f\u0442 \u0441\u043e\u0434\u0435\u0440\u0436\u0438\u0442 5 \u0440\u0430\u0437\u043b\u0438\u0447\u043d\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439, \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u044e\u0449\u0438\u0435 RCE \u0432 Apache Struts. \u041d\u0430 \u0434\u0430\u043d\u043d\u044b\u0439 \u043c\u043e\u043c\u0435\u043d\u0442 \u043e\u043d \u0441\u043e\u0434\u0435\u0440\u0436\u0438\u0442 \u0442\u043e\u043b\u044c\u043a\u043e \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u044c \u0441\u043e\u0437\u0434\u0430\u043d\u0438\u044f PHP shell.\n\n#CVE #POC", "creation_timestamp": "2023-02-14T17:30:31.000000Z"}, {"uuid": "7d9c1a7b-9f51-482d-a07c-d33da13f20cb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2018-11776", "type": "seen", "source": "https://t.me/information_security_channel/19997", "content": "Thoughts on the Latest Apache Struts Vulnerability\nhttps://www.darkreading.com/application-security/thoughts-on-the-latest-apache-struts-vulnerability-/a/d-id/1332716?_mc=rss_x_drr_edt_aud_dr_x_x-rss-simple\n\nCVE-2018-11776 operates at a far deeper level within the code than all prior Struts vulnerabilities. This requires a greater understanding of the Struts code itself as well as the various libraries used by Struts.", "creation_timestamp": "2018-09-05T16:38:01.000000Z"}, {"uuid": "2b4eb65e-dbea-473a-b463-2a56447a3b4d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2018-11776", "type": "published-proof-of-concept", "source": "https://t.me/HackerOne/2672", "content": "https://securitylab.github.com/research/apache-struts-CVE-2018-11776", "creation_timestamp": "2020-06-12T13:00:48.000000Z"}, {"uuid": "f6a9233e-bb28-41a2-a37c-8acae7d07379", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2018-11776", "type": "seen", "source": "https://t.me/information_security_channel/19633", "content": "Critical Apache Struts 2 Flaw Allows Remote Code Execution\nhttp://feedproxy.google.com/~r/Securityweek/~3/OKcyhqelPSw/critical-apache-struts-2-flaw-allows-remote-code-execution\n\nUpdates released on Wednesday for the Apache Struts 2 open source development framework address a critical vulnerability that can be exploited for remote code execution.\nThe flaw, tracked as CVE-2018-11776, affects Struts 2.3 through 2.3.34, Struts 2.5 through 2.5.16, and possibly unsupported versions of the framework.\nread more (https://www.securityweek.com/critical-apache-struts-2-flaw-allows-remote-code-execution)", "creation_timestamp": "2018-08-22T18:43:51.000000Z"}, {"uuid": "3ecde4f2-4ee8-450b-abf4-314af321dc67", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2018-11776", "type": "seen", "source": "https://t.me/xakep_ru/4463", "content": "\u0412 Apache Struts 2 \u043d\u0430\u0448\u043b\u0438 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0439 RCE-\u0431\u0430\u0433\n\n\u0412 Apache Struts 2 \u0438\u0441\u043f\u0440\u0430\u0432\u0438\u043b\u0438 RCE-\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2018-11776, \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u044f\u0432\u0448\u0443\u044e \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u044c \u0434\u043b\u044f \u0432\u0435\u0440\u0441\u0438\u0439 \u043e\u0442 Struts 2.3 \u0434\u043e 2.3.34, \u043e\u0442 Struts 2.5 \u0434\u043e 2.5.16, \u0430 \u0442\u0430\u043a\u0436\u0435, \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e, \u0434\u043b\u044f \u0431\u043e\u043b\u0435\u0435 \u0441\u0442\u0430\u0440\u044b\u0445 \u0432\u0430\u0440\u0438\u0430\u0446\u0438\u0439 \u0444\u0440\u0435\u0439\u043c\u0432\u043e\u0440\u043a\u0430.  \n\nhttps://xakep.ru/2018/08/24/apache-struts-2-rce/", "creation_timestamp": "2018-08-24T18:16:50.000000Z"}, {"uuid": "c3195c0c-de28-473d-bf00-55f0c06824bc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2018-11776", "type": "published-proof-of-concept", "source": "https://t.me/canyoupwnme/4283", "content": "CVE-2018-11776: How to find 5 RCEs in Apache Struts with Semmle QL\nhttps://lgtm.com/blog/apache_struts_CVE-2018-11776", "creation_timestamp": "2018-08-22T21:14:39.000000Z"}, {"uuid": "365cc712-fbb5-4784-b757-ab271b1cb07a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2018-11776", "type": "published-proof-of-concept", "source": "https://t.me/canyoupwnme/4313", "content": "Apache Struts2 CVE-2018-11776 POC\nhttps://www.secjuice.com/apache-struts2-cve-2018-11776/", "creation_timestamp": "2018-08-30T17:25:06.000000Z"}, {"uuid": "c3074792-0aec-4733-95b3-1e201534e500", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2018-11776", "type": "published-proof-of-concept", "source": "https://t.me/canyoupwnme/4346", "content": "Hack the Struts 2 RCE Vulnerability (CVE-2018-11776) in a live sandbox\nhttps://hackedu.io/vulnerability/0a61ce9a-2a6a-4235-ace4-cc224ec81079", "creation_timestamp": "2018-09-07T00:27:06.000000Z"}, {"uuid": "24636f22-6c65-4336-8643-9a4b34fc81ea", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2018-11776", "type": "seen", "source": "https://t.me/thebugbountyhunter/1834", "content": "Semmle Discovers Critical Remote Code Execution Vulnerability in Apache Struts (CVE-2018-11776)\nhttps://semmle.com/news/apache-struts-CVE-2018-11776", "creation_timestamp": "2018-08-22T23:58:11.000000Z"}, {"uuid": "38df13c0-22b7-4162-87a0-8a4831edd9f2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2018-11776", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/33", "content": "#exploit\n1. CVE-2017-16666:\nXplico - Unauthenticated RCE\nhttps://pentest.blog/advisory-xplico-unauthenticated-remote-code-execution-cve-2017-16666\n\n2. CVE-2018-7250:\nSecDrvPoolLeak - An uninitialized kernel pool allocation in IOCTL 0xCA002813\nhttps://github.com/Elvin9/SecDrvPoolLeak\n\n3. CVE-2018-11776:\nApache Struts Vulnerability\nhttps://semmle.com/news/apache-struts-CVE-2018-11776\n]-&gt; PoC: https://securitylab.github.com/research/apache-struts-CVE-2018-11776\n\n4. CVE-2018-6194, CVE-2018-6195:\nPHP Object Injection + XSS in WordPress Splashing Images Plugin\nhttps://seclists.org/fulldisclosure/2018/Jan/91", "creation_timestamp": "2024-06-22T09:27:44.000000Z"}]}