Skip to content
Nuclei Templates

Apache Struts - Multiple Open Redirection Vulnerabilities

ID: CVE-2013-2248

Severity: medium

Author: 0x_Akoko

Tags: cve2013,cve,apache,redirect,struts,edb

Description

Section titled “Description”

Apache Struts is prone to multiple open-redirection vulnerabilities because the application fails to properly sanitize user-supplied input.

YAML Source

Section titled “YAML Source”
id: CVE-2013-2248


info:
  name: Apache Struts - Multiple Open Redirection Vulnerabilities
  author: 0x_Akoko
  severity: medium
  description: Apache Struts is prone to multiple open-redirection vulnerabilities because the application fails to properly sanitize user-supplied input.
  impact: |
    An attacker can exploit these vulnerabilities to redirect users to malicious websites, leading to phishing attacks or the download of malware.
  remediation: Developers should immediately upgrade to Struts 2.3.15.1 or later.
  reference:
    - https://www.exploit-db.com/exploits/38666
    - https://nvd.nist.gov/vuln/detail/CVE-2013-2248
    - https://cwiki.apache.org/confluence/display/WW/S2-017
    - http://struts.apache.org/release/2.3.x/docs/s2-017.html
    - http://www.fujitsu.com/global/support/software/security/products-f/interstage-bpm-analytics-201301e.html
  classification:
    cvss-metrics: CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:P/A:N
    cvss-score: 5.8
    cve-id: CVE-2013-2248
    cwe-id: CWE-20
    epss-score: 0.97189
    epss-percentile: 0.99819
    cpe: cpe:2.3:a:apache:struts:2.0.0:*:*:*:*:*:*:*
  metadata:
    max-request: 1
    vendor: apache
    product: struts
    shodan-query:
      - http.html:"apache struts"
      - http.title:"struts2 showcase"
      - http.html:"struts problem report"
    fofa-query:
      - body="struts problem report"
      - title="struts2 showcase"
      - body="apache struts"
    google-query: intitle:"struts2 showcase"
  tags: cve2013,cve,apache,redirect,struts,edb


http:
  - method: GET
    path:
      - "{{BaseURL}}/index.action?redirect:http://www.interact.sh/"


    matchers:
      - type: regex
        part: header
        regex:
          - '(?m)^(?:Location\s*?:\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\-_\.@]*)interact\.sh.*$'
# digest: 4a0a00473045022100d559985ed845e91f4936096b77fed666200e156d166bd54def6c0daf579d02e10220460c5defd9ca2ae6f9cad480406049f21cad469481fbddb063aff64ebc87a283:922c64590222798bb761d5b6d8e72950

Guide to check the vulnerabilities

Section titled “Guide to check the vulnerabilities”

This template is used to detect vulnerabilities in web applications. It can be used with the Nuclei tool to scan for specific patterns or behaviors.

Terminal window
$ nuclei -u "URL" -t "http/cves/2013/CVE-2013-2248.yaml"

View on Github