An exploit for Apache Struts CVE-2017-5638
Struts2 S2-045-Nmap NSE script
Demo Application and Exploit