CVE-2016-3088 PoC — Apache ActiveMQ 输入验证错误漏洞

Source

https://github.com/vulhub/vulhub/blob/master/activemq/CVE-2016-3088/README.md

Associated Vulnerability

Title:Apache ActiveMQ 输入验证错误漏洞 (CVE-2016-3088)
Description:Apache ActiveMQ是美国阿帕奇（Apache）软件基金会的一套开源的消息中间件，它支持Java消息服务、集群、Spring Framework等。 Apache ActiveMQ 5.14.0之前5.x版本的Fileserver Web应用中存在安全漏洞。远程攻击者可通过发送HTTP PUT和HTTP MOVE请求利用该漏洞上传并执行任意文件。

File Snapshot


 # ActiveMQ Arbitrary File Write Vulnerability (CVE-2016-3088)

[中文版本(Chinese version)](README.zh-cn.

...

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2016-3088 PoC — Apache ActiveMQ 输入验证错误漏洞

Source

Associated Vulnerability

File Snapshot

Remarks