Description

Apache Struts is a free, open-source MVC framework for creating elegant, modern Java web applications. This version of Apache Struts is vulnerable to arbitrary code execution when a request supplies a malicious Content-Disposition value or an improper Content-Length header. If the Content-Disposition or Content-Length value is not valid, an exception is thrown, which is then used to display an error message to the user.

Remediation

Upgrade to Apache Struts version 2.3.32, 2.5.10.1, or a newer version.
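
One way to apply the remediation above across a file inventory, as an added example (not part of the original advisory or the Struts project): it flags `struts2-core` jars older than the fixed releases 2.3.32 and 2.5.10.1. The jar naming pattern, the sample paths, and the rule that every pre-2.5 version is measured against 2.3.32 are assumptions.

```python
import re

# Fixed releases named in the Remediation section above.
FIXED_23 = (2, 3, 32)
FIXED_25 = (2, 5, 10, 1)

# Assumption: the core jar keeps its usual struts2-core-<version>.jar name.
JAR_RE = re.compile(r"struts2-core-(\d+(?:\.\d+)*)\.jar$")


def parse_version(text):
    """Turn '2.5.10.1' into (2, 5, 10, 1)."""
    return tuple(int(part) for part in text.split("."))


def _pad(version, width=4):
    """Pad with zeros so 2.5.10 and 2.5.10.0 compare as equal."""
    return tuple(version) + (0,) * (width - len(version))


def needs_upgrade(version):
    """True when the version is older than the fixed release of its line."""
    v = _pad(version)
    if v[:2] >= (2, 5):
        return v < _pad(FIXED_25)
    # Assumption: everything before the 2.5 line is measured against 2.3.32.
    return v < _pad(FIXED_23)


def audit(paths):
    """Return {path: (version_string, needs_upgrade)} for Struts core jars."""
    report = {}
    for path in paths:
        match = JAR_RE.search(path)
        if match:
            version = match.group(1)
            report[path] = (version, needs_upgrade(parse_version(version)))
    return report


# Constructed sample inventory (not real hosts or paths).
SAMPLE_PATHS = [
    "/opt/app1/WEB-INF/lib/struts2-core-2.3.31.jar",
    "/opt/app2/WEB-INF/lib/struts2-core-2.5.10.jar",
    "/opt/app3/WEB-INF/lib/struts2-core-2.5.10.1.jar",
    "/opt/app3/WEB-INF/lib/commons-io-2.2.jar",
]

if __name__ == "__main__":
    for path, (version, flag) in audit(SAMPLE_PATHS).items():
        print(f"{'UPGRADE' if flag else 'ok':8} {version:10} {path}")
```

Renamed, shaded or SNAPSHOT jars are not matched by the filename pattern, so an inventory built this way is a lower bound on what needs upgrading.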
