CVE-2017-9787
https://notcve.org/view.php?id=CVE-2017-9787
When using a Spring AOP functionality to secure Struts actions it is possible to perform a DoS attack. Solution is to upgrade to Apache Struts version 2.5.12 or 2.3.33. Cuando se utiliza una funcionalidad de Programación Orientada a Aspectos (POA) Spring para hacer las acciones Struts seguras, es posible realizar un ataque de DoS. La solución es actualizar a la versión 2.5.12 o 2.3.33 de Apache Struts. • http://struts.apache.org/docs/s2-049.html http://www.oracle.com/technetwork/security-advisory/alert-cve-2017-9805-3889403.html http://www.securityfocus.com/bid/99562 http://www.securitytracker.com/id/1039115 https://lists.apache.org/thread.html/3795c4dd46d9ec75f4a6eb9eca11c11edd3e796c6c1fd7b17b5dc50d%40%3Cannouncements.struts.apache.org%3E https://lists.apache.org/thread.html/de3d325f0433cd3b42258b6a302c0d7a72b69eedc1480ed561d3b065%40%3Cannouncements.struts.apache.org%3E https://security.netapp.com/advisory/ntap-20180706-0002 •
CVE-2017-9791 – Apache Struts 1 Improper Input Validation Vulnerability
https://notcve.org/view.php?id=CVE-2017-9791
The Struts 1 plugin in Apache Struts 2.1.x and 2.3.x might allow remote code execution via a malicious field value passed in a raw message to the ActionMessage. El plugin Struts 1 en Apache Struts versiones 2.1.x y 2.3.x, podría permitir la ejecución de código remota por medio de un valor de campo malicioso pasado en un mensaje sin procesar en la ActionMessage. The Struts 1 plugin in Apache Struts might allow remote code execution via a malicious field value passed in a raw message to the ActionMessage. • https://www.exploit-db.com/exploits/44643 https://www.exploit-db.com/exploits/42324 https://github.com/xfer0/CVE-2017-9791 http://struts.apache.org/docs/s2-048.html http://www.oracle.com/technetwork/security-advisory/alert-cve-2017-9805-3889403.html http://www.securityfocus.com/bid/99484 http://www.securitytracker.com/id/1038838 https://security.netapp.com/advisory/ntap-20180706-0002 • CWE-20: Improper Input Validation •
CVE-2017-5638 – Apache Struts Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2017-5638
The Jakarta Multipart parser in Apache Struts 2 2.3.x before 2.3.32 and 2.5.x before 2.5.10.1 has incorrect exception handling and error-message generation during file-upload attempts, which allows remote attackers to execute arbitrary commands via a crafted Content-Type, Content-Disposition, or Content-Length HTTP header, as exploited in the wild in March 2017 with a Content-Type header containing a #cmd= string. El analizador sintáctico Jakarta Multipart en Apache Struts 2 en versiones 2.3.x anteriores a la 2.3.32 y versiones 2.5.x anteriores a la 2.5.10.1 no maneja correctamente las excepciones y la generación de mensajes de error, lo que permite a atacantes remotos ejecutar comandos arbitrarios a través de una cadena #cmd= en un encabezado HTTP de Content-Type, Content-Disposition o Content-Length manipulado. Apache Struts Jakarta Multipart parser allows for malicious file upload using the Content-Type value, leading to remote code execution. • https://www.exploit-db.com/exploits/41570 https://www.exploit-db.com/exploits/41614 https://github.com/immunio/apache-struts2-CVE-2017-5638 https://github.com/payatu/CVE-2017-5638 https://github.com/sUbc0ol/Apache-Struts2-RCE-Exploit-v2-CVE-2017-5638 https://github.com/win3zz/CVE-2017-5638 https://github.com/0x00-0x00/CVE-2017-5638 https://github.com/R4v3nBl4ck/Apache-Struts-2-CVE-2017-5638-Exploit- https://github.com/oktavianto/CVE-2017-5638-Apache-Struts2 https:/ • CWE-20: Improper Input Validation •
CVE-2016-4436
https://notcve.org/view.php?id=CVE-2016-4436
Apache Struts 2 before 2.3.29 and 2.5.x before 2.5.1 allow attackers to have unspecified impact via vectors related to improper action name clean up. Apache Struts 2 en versiones anteriores a 2.3.29 y 2.5.x en versiones anteriores a 2.5.1 permiten a atacantes tener impacto no especificado a través de vectores relacionados con la limpieza de un nombre de acción inapropiado. • http://www-01.ibm.com/support/docview.wss?uid=ssg1S1009282 http://www-01.ibm.com/support/docview.wss?uid=swg21987854 http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html http://www.securityfocus.com/bid/91280 https://struts.apache.org/docs/s2-035.html •
CVE-2016-4438
https://notcve.org/view.php?id=CVE-2016-4438
The REST plugin in Apache Struts 2 2.3.19 through 2.3.28.1 allows remote attackers to execute arbitrary code via a crafted expression. El plugin REST en Apache Struts versiones 2 2.3.19 hasta 2.3.28.1, permite a atacantes remotos ejecutar código arbitrario por medio de una expresión especialmente diseñada. • https://github.com/jason3e7/CVE-2016-4438 https://github.com/tafamace/CVE-2016-4438 http://jvn.jp/en/jp/JVN07710476/index.html http://jvndb.jvn.jp/jvndb/JVNDB-2016-000110 http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html http://www.securityfocus.com/bid/91275 https://bugzilla.redhat.com/show_bug.cgi?id=1348238 https://struts.apache.org/docs/s2-037.html • CWE-20: Improper Input Validation •