Get a demo Acunetix Website Security Scanner Get a demo
  • Product
  • Why Acunetix?
    • Solutions
      • INDUSTRIES
        • IT & Telecom
        • Government
        • Financial Services
        • Education
        • Healthcare
      • ROLES
        • CTO & CISO
        • Engineering Manager
        • Security Engineer
        • DevSecOps
    • Case Studies
    • Customers
    • Testimonials
  • Pricing
  • About Us
    • Our story
    • In the news
    • Careers
    • Contact
  • Resources
    • Blog
    • Webinars
    • White papers
    • Buyer’s guide
    • Partners
    • Support
  • Get a demo
WEB APPLICATION VULNERABILITIES Standard & Premium

Apache Struts2 Remote Command Execution (S2-052)

Description

Possible Remote Code Execution attack when using the Struts REST plugin with XStream handler to handle XML payloads.

Remediation

Upgrade to Struts 2.5.13 or Struts 2.3.34.

References

Security Bulletin S2-052

Related Vulnerabilities

WordPress Plugin WooCommerce Possible Remote Code Execution (3.4.5)

Horde remote code execution

WordPress Plugin Similar Posts-Best Related Posts for WordPress Remote Code Execution (3.1.5)

phpThumb() fltr[] parameter command injection vulnerability

WordPress Plugin Social Media Tab Remote Code Execution (1.0.9)

Severity

High

Classification

CVE-2017-9805 CWE-94 CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Tags

Code Execution Known Vulnerabilities Acumonitor

Take action and discover your vulnerabilities

Get a demo
Product Information
  • AcuSensor Technology
  • AcuMonitor Technology
  • Acunetix Integrations
  • Vulnerability Scanner
  • Support Plans
Use Cases
  • Penetration Testing Software
  • Website Security Scanner
  • External Vulnerability Scanner
  • Web Application Security
  • Vulnerability Management Software
Website Security
  • Cross-site Scripting
  • SQL Injection
  • Reflected XSS
  • CSRF Attacks
  • Directory Traversal
Learn More
  • White Papers
  • TLS Security
  • WordPress Security
  • Web Service Security
  • Prevent SQL Injection
Company
  • About Us
  • Customers
  • Become a Partner
  • Careers
  • Contact
Documentation
  • Case Studies
  • Support
  • Videos
  • Vulnerability Index
  • Webinars
  • Login
  • Invicti Subscription Services Agreement
  • Privacy Policy
  • Terms of Use
  • Sitemap
  • Find us on Facebook
  • Follow us on Twiter
  • Follow us on LinkedIn

© Acunetix 2023, by Invicti