Page 4 of 21 results (0.013 seconds)

CVSS: 8.1EPSS: 97%CPEs: 58EXPL: 10

The REST Plugin in Apache Struts 2.1.1 through 2.3.x before 2.3.34 and 2.5.x before 2.5.13 uses an XStreamHandler with an instance of XStream for deserialization without any type filtering, which can lead to Remote Code Execution when deserializing XML payloads. El Plugin REST en Apache Struts versiones 2.1.1 hasta 2.3.x anteriores a 2.3.34 y versiones 2.5.x anteriores a 2.5.13, usa una XStreamHandler con una instancia de XStream para deserialización sin ningún filtrado de tipos, lo que puede conllevar a una ejecución de código remota cuando se deserializan cargas XML. Apache Struts versions 2.5 through 2.5.12 using the REST plugin are vulnerable to a Java deserialization attack in the XStream library. Apache Struts REST Plugin uses an XStreamHandler with an instance of XStream for deserialization without any type filtering, which can lead to remote code execution when deserializing XML payloads. • https://www.exploit-db.com/exploits/42627 https://github.com/0x00-0x00/-CVE-2017-9805 https://github.com/Shakun8/CVE-2017-9805 https://github.com/0xd3vil/CVE-2017-9805-Exploit https://github.com/jongmartinez/-CVE-2017-9805- https://github.com/z3bd/CVE-2017-9805 https://github.com/wifido/CVE-2017-9805-Exploit https://github.com/AvishkaSenadheera/CVE-2017-9805---Documentation---IT19143378 https://github.com/UbuntuStrike/struts_rest_rce_fuzz-CVE-2017-9805- https: • CWE-502: Deserialization of Untrusted Data •

CVSS: 7.5EPSS: 3%CPEs: 53EXPL: 0

When using a Spring AOP functionality to secure Struts actions it is possible to perform a DoS attack. Solution is to upgrade to Apache Struts version 2.5.12 or 2.3.33. Cuando se utiliza una funcionalidad de Programación Orientada a Aspectos (POA) Spring para hacer las acciones Struts seguras, es posible realizar un ataque de DoS. La solución es actualizar a la versión 2.5.12 o 2.3.33 de Apache Struts. • http://struts.apache.org/docs/s2-049.html http://www.oracle.com/technetwork/security-advisory/alert-cve-2017-9805-3889403.html http://www.securityfocus.com/bid/99562 http://www.securitytracker.com/id/1039115 https://lists.apache.org/thread.html/3795c4dd46d9ec75f4a6eb9eca11c11edd3e796c6c1fd7b17b5dc50d%40%3Cannouncements.struts.apache.org%3E https://lists.apache.org/thread.html/de3d325f0433cd3b42258b6a302c0d7a72b69eedc1480ed561d3b065%40%3Cannouncements.struts.apache.org%3E https://security.netapp.com/advisory/ntap-20180706-0002 •

CVSS: 5.9EPSS: 3%CPEs: 7EXPL: 0

If an application allows enter an URL in a form field and built-in URLValidator is used, it is possible to prepare a special URL which will be used to overload server process when performing validation of the URL. Solution is to upgrade to Apache Struts version 2.5.12. Si una aplicación permite la introducción de una URL en un campo de un formulario y se emplea URLValidator (integrado), es posible preparar una URL especial que será utilizada para sobrecargar el proceso del servidor cuando se lleva a cabo la validación de la URL. La solución es actualizar a la versión 2.5.12 de Apache Struts. • http://struts.apache.org/docs/s2-047.html http://www.oracle.com/technetwork/security-advisory/alert-cve-2017-9805-3889403.html http://www.securityfocus.com/bid/99563 http://www.securitytracker.com/id/1039114 https://lists.apache.org/thread.html/3795c4dd46d9ec75f4a6eb9eca11c11edd3e796c6c1fd7b17b5dc50d%40%3Cannouncements.struts.apache.org%3E https://security.netapp.com/advisory/ntap-20180706-0002 • CWE-20: Improper Input Validation •

CVSS: 10.0EPSS: 96%CPEs: 53EXPL: 27

The Jakarta Multipart parser in Apache Struts 2 2.3.x before 2.3.32 and 2.5.x before 2.5.10.1 has incorrect exception handling and error-message generation during file-upload attempts, which allows remote attackers to execute arbitrary commands via a crafted Content-Type, Content-Disposition, or Content-Length HTTP header, as exploited in the wild in March 2017 with a Content-Type header containing a #cmd= string. El analizador sintáctico Jakarta Multipart en Apache Struts 2 en versiones 2.3.x anteriores a la 2.3.32 y versiones 2.5.x anteriores a la 2.5.10.1 no maneja correctamente las excepciones y la generación de mensajes de error, lo que permite a atacantes remotos ejecutar comandos arbitrarios a través de una cadena #cmd= en un encabezado HTTP de Content-Type, Content-Disposition o Content-Length manipulado. Apache Struts Jakarta Multipart parser allows for malicious file upload using the Content-Type value, leading to remote code execution. • https://www.exploit-db.com/exploits/41570 https://www.exploit-db.com/exploits/41614 https://github.com/immunio/apache-struts2-CVE-2017-5638 https://github.com/payatu/CVE-2017-5638 https://github.com/sUbc0ol/Apache-Struts2-RCE-Exploit-v2-CVE-2017-5638 https://github.com/win3zz/CVE-2017-5638 https://github.com/0x00-0x00/CVE-2017-5638 https://github.com/R4v3nBl4ck/Apache-Struts-2-CVE-2017-5638-Exploit- https://github.com/oktavianto/CVE-2017-5638-Apache-Struts2 https:/&# • CWE-20: Improper Input Validation •

CVSS: 9.8EPSS: 2%CPEs: 55EXPL: 0

Apache Struts 2 before 2.3.29 and 2.5.x before 2.5.1 allow attackers to have unspecified impact via vectors related to improper action name clean up. Apache Struts 2 en versiones anteriores a 2.3.29 y 2.5.x en versiones anteriores a 2.5.1 permiten a atacantes tener impacto no especificado a través de vectores relacionados con la limpieza de un nombre de acción inapropiado. • http://www-01.ibm.com/support/docview.wss?uid=ssg1S1009282 http://www-01.ibm.com/support/docview.wss?uid=swg21987854 http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html http://www.securityfocus.com/bid/91280 https://struts.apache.org/docs/s2-035.html •