CVE-2017-9791
CVE-2017-9791
In short
Apache Struts 2 allows attackers to execute arbitrary code on the server by sending specially crafted field values through the Struts 1 plugin. This is a critical vulnerability that can give attackers complete control over the affected web application.
Technical detail
A improper input validation flaw in the Struts 1 plugin (CWE-20) enables remote code execution when malicious field values are passed in raw messages to the ActionMessage handler. The attack requires network access to the affected Struts application but no authentication, with impact including complete system compromise.
Summary generated and translated by AI from the official description.
The Struts 1 plugin in Apache Struts 2.1.x and 2.3.x might allow remote code execution via a malicious field value passed in a raw message to the ActionMessage.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected products
Apache Software Foundation · Apache Strutspublic PoCs found — 7
githubgithub.com/dragoneeg/Struts2-048★ 27githubgithub.com/IanSmith123/s2-048★ 2githubgithub.com/xfer0/CVE-2017-9791★ 0cve_referencewww.exploit-db.com/exploits/44643/unverifiedcve_referencewww.exploit-db.com/exploits/42324/unverifiedexploitdbwww.exploit-db.com/exploits/44643unverifiedexploitdbwww.exploit-db.com/exploits/42324unverified⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.
Want to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
https://security.netapp.com/advisory/ntap-20180706-0002/http://struts.apache.org/docs/s2-048.htmlhttps://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2017-9791https://www.exploit-db.com/exploits/42324/https://www.exploit-db.com/exploits/44643/http://www.oracle.com/technetwork/security-advisory/alert-cve-2017-9805-3889403.htmlhttp://www.securityfocus.com/bid/99484http://www.securitytracker.com/id/1038838