Apache Struts2/XWork Remote Command Execution Vulnerability

Summary
This host is running Struts and is prone to a remote command execution vulnerability.
Impact
Successful exploitation will allow attackers to manipulate server-side context objects with the privileges of the user running the application. Impact Level: Application.
Solution
Upgrade to Struts version 2.2 or later. For updates, refer to http://struts.apache.org/download.cgi
Insight
The flaw is due to an error in the extensive 'OGNL' expression evaluation capability of XWork in Struts, which uses a permissive whitelist. This allows remote attackers to modify server-side context objects and bypass the '#' protection mechanism in ParameterInterceptors via various variables.
Affected
Struts version 2.0.0 through 2.1.8.1