Apache Struts 2 devMode OGNL Remote Code Execution Exploit

The best practice for web applications built on top of the Apache Struts 2 framework is to switch off Developer Mode (struts.devMode parameter in the struts.xml configuration file) before going into production. When devMode is left enabled, attackers can gain remote code execution by setting the 'debug=command' URL parameter and sending OGNL expressions through the 'expression' URL parameter. This module takes advantage of this misconfiguration scenario in order to deploy an agent in the target system.
Exploit type: 
Vulnerability ID: NOCVE-9999-62986
Product Version: 2014_R1
Released Date: Saturday, July 12, 2014 - 00:00
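
A defender-side check for the misconfiguration described above, added here as an example that is not part of the original advisory or of the module: it tests whether a struts.xml enables struts.devMode and flags access-log requests that combine debug=command with an expression parameter. The sample configuration, the log lines and the function names are constructed for illustration.

```python
import re
import xml.etree.ElementTree as ET
from urllib.parse import urlsplit, parse_qs

# Constructed sample struts.xml carrying the weak setting (not a real deployment).
SAMPLE_STRUTS_XML = """<struts>
  <constant name="struts.devMode" value="true"/>
  <constant name="struts.i18n.encoding" value="UTF-8"/>
</struts>"""

# Constructed access-log lines (Common Log Format, documentation address ranges).
SAMPLE_LOG = [
    '192.0.2.10 - - [12/Jul/2014:10:00:01 +0000] "GET /app/index.action HTTP/1.1" 200 512',
    '198.51.100.7 - - [12/Jul/2014:10:00:05 +0000] "GET /app/index.action?debug=command&expression=1%2B1 HTTP/1.1" 200 3',
    '192.0.2.11 - - [12/Jul/2014:10:00:09 +0000] "GET /app/search.action?debug=false&q=expression HTTP/1.1" 200 900',
]

# Captures the client address and the request target from one log line.
REQUEST_RE = re.compile(r'^(\S+) .*?"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')

def dev_mode_enabled(struts_xml: str) -> bool:
    """Return True if struts.xml sets the struts.devMode constant to true."""
    root = ET.fromstring(struts_xml)
    for const in root.iter("constant"):
        if const.get("name") == "struts.devMode":
            return (const.get("value") or "").strip().lower() == "true"
    return False  # Struts leaves devMode off when the constant is absent

def find_debug_requests(lines):
    """Return (client, path) for requests with debug=command and an expression parameter."""
    hits = []
    for line in lines:
        m = REQUEST_RE.match(line)
        if not m:
            continue
        client, target = m.groups()
        parts = urlsplit(target)
        # Only the query string is visible in an access log; POST bodies are not.
        params = parse_qs(parts.query, keep_blank_values=True)
        if "command" in params.get("debug", []) and "expression" in params:
            hits.append((client, parts.path))
    return hits

if __name__ == "__main__":
    print("devMode enabled:", dev_mode_enabled(SAMPLE_STRUTS_XML))
    for client, path in find_debug_requests(SAMPLE_LOG):
        print("debug=command request:", client, path)
```

The same setting can also be supplied through struts.properties, so a full audit should check that file as well.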