ONGL Injection

OGNL (Object-Graph Navigation Language) Injection is a critical security vulnerability that occurs within the Payload Execution phase, specifically as part of Injection Exploitations. This attack technique targets applications that utilize the OGNL expression language, particularly common in Java frameworks like Apache Struts. Attackers craft malicious OGNL expressions that, when processed by the application, can traverse object graphs and invoke methods without proper authorization. By injecting these expressions into user-controllable parameters, attackers can bypass security mechanisms, execute arbitrary code on the underlying system, access sensitive data structures, and potentially achieve complete server compromise. The vulnerability is particularly dangerous because OGNL provides direct access to Java method calls and object properties, allowing attackers to leverage the full power of the server-side Java runtime environment. Notable examples include the Equifax breach of 2017, which exploited an OGNL injection vulnerability in Apache Struts (CVE-2017-5638) to compromise sensitive data of 147 million consumers.