Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2013-2186 PoC — Apache Commons FileUpload 输入验证错误漏洞

Source
https://github.com/sa1g0n1337/Payload_CVE_2013_2186
Associated Vulnerability
Title:Apache Commons FileUpload 输入验证错误漏洞 (CVE-2013-2186)
Description:Apache Commons FileUpload是美国阿帕奇(Apache)基金会的一个可将文件上传到Servlet和Web应用程序的软件包。 Apache Commons FileUpload中的DiskFileItem类中存在输入验证错误漏洞,该漏洞源于DiskFileItem类没有正确处理文件名中的空字符。远程攻击者可通过提供序列化实例利用该漏洞写入任意文件。以下产品及版本受到影响:Red Hat JBoss BRMS 5.3.1,Red Hat JBoss Portal 4.3 CP07,5.2
Description
Code generate payload for CVE-2013-2186
Readme
# Payload_CVE_2013_2186
Code generate payload for CVE-2013-2186
File Snapshot

 [4.0K]  /data/pocs/27dd1a22bf5decf27291585d4074d22416de282e
├── [1.1K]  pom.xml
├── [  66]  README.md
└── [4.0K]  src
    └── [4.0K]  main
        └── [4.0K]  java
            ├── [2.7K]  GenPayload.java
            └── [2.1K]  Main.java

3 directories, 4 files
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).
    3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.