CVE-2017-5638
EPSS Score
Source: FIRST.org · 2026-05-23CVSS v3.1
Source: VulnerabilityLookup (CIRCL)CVSS v2 (legacy)
Description
VulnerabilityLookup (CNA)Affected Products
Attack Intelligence
Exploits & PoC
An exploit for Apache Struts CVE-2017-5638
Struts2 S2-045(CVE-2017-5638)Exp with GUI
Demo Application and Exploit
Struts2 S2-045(CVE-2017-5638)Vulnerability environment - http://www.mottoin.com/97954.html
S2-045 漏洞 POC-TOOLS CVE-2017-5638
st2-046-poc CVE-2017-5638
Example PoC Code for CVE-2017-5638 | Apache Struts Exploit
These are just some script which you can use to detect and exploit the Apache Struts Vulnerability (CVE-2017-5638)
Apache Struts 2.3.5 < 2.3.31 / 2.5 < 2.5.10 - Remote Code Execution - Shell Script
cve-2017-5638 Vulnerable site sample
Exploitable target to CVE-2017-5638
Strutsy - Mass exploitation of Apache Struts (CVE-2017-5638) vulnerability
detection for Apache Struts recon and compromise
Apache Struts 2.0 RCE vulnerability - Allows an attacker to inject OS commands into a web application through the content-type header
Struts02 s2-045 exploit program
Apache Struts (CVE-2017-5638) Shell
Exploit created by: R4v3nBl4ck end Pacman
This project demonstrates a Web Application Firewall (WAF) simulation using Flask and a vulnerability checker for CVE-2017-5638. The WAF middleware bl
Apache Struts2 CVE-2017-5638 (Safe Educational Demo)
Tweaking original PoC (https://github.com/rapid7/metasploit-framework/issues/8064) to work on self-signed certificates
A php based exploiter for CVE-2017-5638.
Struts2 RCE CVE-2017-5638 non-intrusive check shell script
Struts2 RCE CVE-2017-5638 CLI shell
Golang exploit for CVE-2017-5638
Apache Struts version analyzer (Ansible) based on CVE-2017-5638
This is Valve for Tomcat7 to block Struts 2 Remote Code Execution vulnerability (CVE-2017-5638)
Example PHP Exploiter for CVE-2017-5638
S2-046|S2-045: Struts 2 Remote Code Execution vulnerability(CVE-2017-5638)
An exploit (and library) for CVE-2017-5638 - Apache Struts2 S2-045 bug.
Struts-RCE CVE-2017-5638
Struts2 Application Vulnerable to CVE-2017-5638. Explains how the exploit of the vulnerability works in relation to OGNL and the JakartaMultiPart pars
This is a sort of Java porting of the Python exploit at: https://www.exploit-db.com/exploits/41570/.
Apache Struts CVE-2017-5638 RCE exploitation
(CVE-2017-5638) XworkStruts RCE Vuln test script
PoC for CVE: 2017-5638 - Apache Struts2 S2-045
An implementation of CVE-2017-5638
This repository provides a PoC for CVE-2017-5638, a remote code execution vulnerability in Apache Struts 2, exploitable via a crafted Content-Type HTT
CVE-2017-5638 Exploit Rewritten In Python By haxerr9
Telegram Bot to manage botnets created with struts vulnerability(CVE-2017-5638)
test struts2 vulnerability CVE-2017-5638 in Mac OS X
CVE: 2017-5638 in different formats
CVE-2017-5638
CVE-2017-5638
An exploit for CVE-2017-5638 Remote Code Execution (RCE) Vulnerability in Apache Struts 2
CVE-2017-5638 Test environment
Check for Struts Vulnerability CVE-2017-5638
An exploit for Apache Struts CVE-2017-5638
This is the Apache Struts CVE-2017-5638 struts 2 vulnerability. The same CVE that resulted in the equifax database breach.
Working POC for CVE 2017-5638
CVE-2017-5638 (PoC Exploits)
Demo app of THAT data broker's security breach
Exploitable target to CVE-2017-5638
Build the struts-2.3.31 (CVE-2017-5638) environment
This script is intended to validate Apache Struts 2 vulnerability (CVE-2017-5638), AKA Struts-Shock.
this exemple of application permet to test the vunerability CVE_2017-5638
An exploit for CVE-2017-5638
A exploit for CVE-2017-5638. This exploit works on versions 2.3.5-2.3.31 and 2.5 – 2.5.10
Proof of concept of CVE-2017-5638 including the whole setup of the Apache vulnerable server
A Deliberately Vulnerable Web Application built on Struts 2 (CVE-2017-5638) and Log4J (CVE-2021-44228) for testing and demonstration of OWASP Top 10 W
Real-time anomaly detection system for Apache Struts CVE-2017-5638 exploit using streaming analytics, 3-gram byte analysis, and Count-Min Sketch. Dete
A hands-on simulation of CVE-2017-5638 (Apache Struts2 RCE), showcasing exploit reproduction, OS-level command execution, and mitigations such as inpu
CVE-2017-5638- PoC
A practical lab demonstrating the exploitation of a critical Remote Code Execution (RCE) vulnerability in Apache Struts2 (CVE-2017-5638) using Vulhub
Using Struts2 and PowerShell to recreate CVE-2017-5638 OGNL Injection vulnerability.
Attack and Defense course project focused on CVE-2017-5638 analysis, exploitation, and mitigation.