CVE-2017-5638: Apache Struts 2 Vulnerability

Struts-Shock-Blog

Apache Struts 2 is an open-source development framework for Java applications.
On March 6th, 2017, a vulnerability tracked as CVE-2017-5638 in Apache Struts 2 was made public. This vulnerability could allow an attacker to perform remote code execution with a malicious Content.
This particular vulnerability can be exploited if the attacker sends a  request to upload a file to a vulnerable server that uses a Jakarta-based plugin to process the upload request.
The attacker can then send malicious code in the Content-Type header to execute the command on a vulnerable server.
The Jakarta Multipart parser in Apache Struts 2 2.3.x before 2.3.32 and 2.5.x before 2.5.10.1 mishandles file upload, which allows remote attackers to execute arbitrary commands via a #cmd= string as exploited in the wild in March 2017.

Solution
===========
Both Cisco and Apache researchers asked administrators to upgrade their systems to Apache Struts version 2.3.32 or 2.5.10.1

Leave a Reply