Apache Struts2 'URL' & 'Anchor' Tags Arbitrary Java Method Execution Vulnerabilities Network Vulnerability

Summary

This host is running Apache Struts2 and is prone to arbitrary java method execution vulnerabilities.

Impact

Successful exploitation will allow remote attackers to execute arbitrary commands via specially crafted OGNL (Object-Graph Navigation Language) expressions.

Solution

Upgrade to Apache Struts 2 version 2.3.14.2 or later, For updates refer to http://struts.apache.org

Insight

Flaw is due to improper handling of the includeParams attribute in the URL and Anchor tags

Affected

Apache Struts 2 before 2.3.14.2

Detection

Send a crafted data like system functions via HTTP POST request and check whether it is executing the java function or not.

References

http://metasploit.org/modules/exploit/multi/http/struts_include_params
http://secunia.com/advisories/53553
http://struts.apache.org/development/2.x/docs/s2-014.html
http://www.exploit-db.com/exploits/25980
http://www.osvdb.com/93645
https://cwiki.apache.org/confluence/display/WW/S2-013

Updated on 2015-03-25

Severity

Classification

CVE CVE-2013-1966, CVE-2013-2115
CVSS Base Score: 9.3
AV:N/AC:M/Au:N/C:C/I:C/A:C

Related Vulnerabilities

Astium VoIP PBX SQL Injection Vulnerability
ATutor < 1.5.1-pl1 Multiple Flaws
Adobe ColdFusion Multiple Vulnerabilities-02 May-2014
admin.cgi overflow
AjaXplorer zoho plugin Directory Traversal Vulnerability

Apache Struts2 'URL' & 'Anchor' tags Arbitrary Java Method Execution Vulnerabilities

Take action and discover your vulnerabilities