Page 4 of 33 results (0.006 seconds)

CVSS: 8.1EPSS: 97%CPEs: 58EXPL: 11

CVE-2017-9805 – Apache Struts Deserialization of Untrusted Data Vulnerability

https://notcve.org/view.php?id=CVE-2017-9805

The REST Plugin in Apache Struts 2.1.1 through 2.3.x before 2.3.34 and 2.5.x before 2.5.13 uses an XStreamHandler with an instance of XStream for deserialization without any type filtering, which can lead to Remote Code Execution when deserializing XML payloads. El Plugin REST en Apache Struts versiones 2.1.1 hasta 2.3.x anteriores a 2.3.34 y versiones 2.5.x anteriores a 2.5.13, usa una XStreamHandler con una instancia de XStream para deserialización sin ningún filtrado de tipos, lo que puede conllevar a una ejecución de código remota cuando se deserializan cargas XML. Apache Struts versions 2.5 through 2.5.12 using the REST plugin are vulnerable to a Java deserialization attack in the XStream library. Apache Struts REST Plugin uses an XStreamHandler with an instance of XStream for deserialization without any type filtering, which can lead to remote code execution when deserializing XML payloads. • https://www.exploit-db.com/exploits/42627 https://github.com/0x00-0x00/-CVE-2017-9805 https://github.com/Shakun8/CVE-2017-9805 https://github.com/0xd3vil/CVE-2017-9805-Exploit https://github.com/jongmartinez/-CVE-2017-9805- https://github.com/z3bd/CVE-2017-9805 https://github.com/wifido/CVE-2017-9805-Exploit https://github.com/AvishkaSenadheera/CVE-2017-9805---Documentation---IT19143378 https://github.com/UbuntuStrike/struts_rest_rce_fuzz-CVE-2017-9805- https: • CWE-502: Deserialization of Untrusted Data •

CVSS: 7.5EPSS: 0%CPEs: 66EXPL: 0

CVE-2015-5209

https://notcve.org/view.php?id=CVE-2015-5209

Apache Struts 2.x before 2.3.24.1 allows remote attackers to manipulate Struts internals, alter user sessions, or affect container settings via vectors involving a top object. Apache Struts en versiones 2.x anteriores a la 2.3.24.1 permite que los atacantes remotos manipulen estados internos de Struts o alteren la configuración del contenedor mediante vectores que involucren un objeto de la cima. • http://www.securityfocus.com/bid/82550 http://www.securitytracker.com/id/1033908 https://security.netapp.com/advisory/ntap-20180629-0002 https://struts.apache.org/docs/s2-026.html • CWE-20: Improper Input Validation •

CVSS: 7.5EPSS: 3%CPEs: 53EXPL: 0

CVE-2017-9787

https://notcve.org/view.php?id=CVE-2017-9787

When using a Spring AOP functionality to secure Struts actions it is possible to perform a DoS attack. Solution is to upgrade to Apache Struts version 2.5.12 or 2.3.33. Cuando se utiliza una funcionalidad de Programación Orientada a Aspectos (POA) Spring para hacer las acciones Struts seguras, es posible realizar un ataque de DoS. La solución es actualizar a la versión 2.5.12 o 2.3.33 de Apache Struts. • http://struts.apache.org/docs/s2-049.html http://www.oracle.com/technetwork/security-advisory/alert-cve-2017-9805-3889403.html http://www.securityfocus.com/bid/99562 http://www.securitytracker.com/id/1039115 https://lists.apache.org/thread.html/3795c4dd46d9ec75f4a6eb9eca11c11edd3e796c6c1fd7b17b5dc50d%40%3Cannouncements.struts.apache.org%3E https://lists.apache.org/thread.html/de3d325f0433cd3b42258b6a302c0d7a72b69eedc1480ed561d3b065%40%3Cannouncements.struts.apache.org%3E https://security.netapp.com/advisory/ntap-20180706-0002 •

CVSS: 9.8EPSS: 97%CPEs: 33EXPL: 3

CVE-2017-9791 – Apache Struts 1 Improper Input Validation Vulnerability

https://notcve.org/view.php?id=CVE-2017-9791

The Struts 1 plugin in Apache Struts 2.1.x and 2.3.x might allow remote code execution via a malicious field value passed in a raw message to the ActionMessage. El plugin Struts 1 en Apache Struts versiones 2.1.x y 2.3.x, podría permitir la ejecución de código remota por medio de un valor de campo malicioso pasado en un mensaje sin procesar en la ActionMessage. The Struts 1 plugin in Apache Struts might allow remote code execution via a malicious field value passed in a raw message to the ActionMessage. • https://www.exploit-db.com/exploits/44643 https://www.exploit-db.com/exploits/42324 https://github.com/xfer0/CVE-2017-9791 http://struts.apache.org/docs/s2-048.html http://www.oracle.com/technetwork/security-advisory/alert-cve-2017-9805-3889403.html http://www.securityfocus.com/bid/99484 http://www.securitytracker.com/id/1038838 https://security.netapp.com/advisory/ntap-20180706-0002 • CWE-20: Improper Input Validation •

CVSS: 10.0EPSS: 96%CPEs: 53EXPL: 28

CVE-2017-5638 – Apache Struts Remote Code Execution Vulnerability

https://notcve.org/view.php?id=CVE-2017-5638

The Jakarta Multipart parser in Apache Struts 2 2.3.x before 2.3.32 and 2.5.x before 2.5.10.1 has incorrect exception handling and error-message generation during file-upload attempts, which allows remote attackers to execute arbitrary commands via a crafted Content-Type, Content-Disposition, or Content-Length HTTP header, as exploited in the wild in March 2017 with a Content-Type header containing a #cmd= string. El analizador sintáctico Jakarta Multipart en Apache Struts 2 en versiones 2.3.x anteriores a la 2.3.32 y versiones 2.5.x anteriores a la 2.5.10.1 no maneja correctamente las excepciones y la generación de mensajes de error, lo que permite a atacantes remotos ejecutar comandos arbitrarios a través de una cadena #cmd= en un encabezado HTTP de Content-Type, Content-Disposition o Content-Length manipulado. Apache Struts Jakarta Multipart parser allows for malicious file upload using the Content-Type value, leading to remote code execution. • https://www.exploit-db.com/exploits/41570 https://www.exploit-db.com/exploits/41614 https://github.com/immunio/apache-struts2-CVE-2017-5638 https://github.com/payatu/CVE-2017-5638 https://github.com/sUbc0ol/Apache-Struts2-RCE-Exploit-v2-CVE-2017-5638 https://github.com/win3zz/CVE-2017-5638 https://github.com/0x00-0x00/CVE-2017-5638 https://github.com/R4v3nBl4ck/Apache-Struts-2-CVE-2017-5638-Exploit- https://github.com/oktavianto/CVE-2017-5638-Apache-Struts2 https:/&# • CWE-20: Improper Input Validation •