CVE-2016-3088 PoC — Apache ActiveMQ 输入验证错误漏洞

Source

https://github.com/vonderchild/CVE-2016-3088

Associated Vulnerability

Title:Apache ActiveMQ 输入验证错误漏洞 (CVE-2016-3088)
Description:Apache ActiveMQ是美国阿帕奇（Apache）软件基金会的一套开源的消息中间件，它支持Java消息服务、集群、Spring Framework等。 Apache ActiveMQ 5.14.0之前5.x版本的Fileserver Web应用中存在安全漏洞。远程攻击者可通过发送HTTP PUT和HTTP MOVE请求利用该漏洞上传并执行任意文件。

Readme

# CVE-2016-3088 - Remote Code Execution in Apache ActiveMQ

![](https://i.imgur.com/mgCoq8l.png)

![](https://i.imgur.com/N1w2qRA.png)

File Snapshot


 [4.0K]  /data/pocs/3cb8b0b06d45d3fd50e7c81170644b1f332fc586
├── [2.4K]  CVE-2016–3088.py
└── [ 135]  README.md

0 directories, 2 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!