Description
Apache Struts is a free, open-source MVC framework for creating elegant, modern Java web applications. This version of Apache Struts is vulnerable to arbitrary code execution through a malicious Content-Disposition value or an improper Content-Length header. If the Content-Disposition or Content-Length value is not valid, an exception is thrown, and that exception is then used to display an error message to the user.
Remediation
Upgrade to Apache Struts version 2.3.32 or 2.5.10.1 or newer versions.
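One way to check deployed archives against the fixed releases named above, as an added example that is not code from this advisory or from the Struts project. It assumes the library ships under its usual `struts2-core-<version>.jar` file name; the function names and the sample WAR are constructed for illustration.

```python
import io
import re
import zipfile

# Fixed releases taken from the remediation text above.
FIXED_23 = (2, 3, 32)
FIXED_25 = (2, 5, 10, 1)

# Assumption: the jar keeps its standard file name inside the archive.
JAR_RE = re.compile(r"(?:^|/)struts2-core-(\d+(?:\.\d+)*)[^/]*\.jar$")


def meets_remediation(version):
    """True if a dotted version is at or above the fixed release for its line."""
    v = tuple(int(part) for part in version.split("."))
    # Tuple comparison orders 2.5.10 before 2.5.10.1, which is what we need.
    if v[:2] == (2, 3):
        return v >= FIXED_23
    return v >= FIXED_25


def scan_archive(archive):
    """List (entry, version, meets_remediation) for every struts2-core jar
    in a WAR/EAR/ZIP given as a path or a file-like object."""
    findings = []
    with zipfile.ZipFile(archive) as zf:
        for name in zf.namelist():
            match = JAR_RE.search(name)
            if match:
                version = match.group(1)
                findings.append((name, version, meets_remediation(version)))
    return findings


def build_sample_war(jar_names):
    """Constructed sample input: an in-memory WAR with empty jars in WEB-INF/lib."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for jar in jar_names:
            zf.writestr("WEB-INF/lib/" + jar, b"")
    buf.seek(0)
    return buf


if __name__ == "__main__":
    war = build_sample_war(["struts2-core-2.3.31.jar", "commons-io-2.2.jar"])
    for entry, version, ok in scan_archive(war):
        print(f"{entry}: {version} -> {'ok' if ok else 'UPGRADE'}")
```

A file-name check misses copies that were renamed or repackaged into another jar, so treat a clean result as a starting point for the inventory, not proof of absence.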
Related Vulnerabilities
XWiki Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2023-29214)
WordPress Plugin Gantry 4 Framework Remote Command Execution (4.1.3)
WordPress Plugin wSecure Lite Remote Code Execution (2.3)
Gallery 3.0.4 remote code execution
WordPress Plugin Easy Forms for Mailchimp PHP Code Injection (6.5.2)