CVE-2017-5638

Apache Struts Remote Code Execution Vulnerability

Severity Score (CVSS v3): 10.0
Exploit Likelihood (EPSS):
Affected Versions (CPE):
Public Exploits (Multiple Sources): 27
Exploited in Wild (KEV): Yes
Decision (SSVC): -

Descriptions

The Jakarta Multipart parser in Apache Struts 2 2.3.x before 2.3.32 and 2.5.x before 2.5.10.1 has incorrect exception handling and error-message generation during file-upload attempts, which allows remote attackers to execute arbitrary commands via a crafted Content-Type, Content-Disposition, or Content-Length HTTP header, as exploited in the wild in March 2017 with a Content-Type header containing a #cmd= string.

The Jakarta Multipart parser in Apache Struts 2, versions 2.3.x before 2.3.32 and 2.5.x before 2.5.10.1, does not correctly handle exceptions and error-message generation, which allows remote attackers to execute arbitrary commands via a #cmd= string in a crafted Content-Type, Content-Disposition, or Content-Length HTTP header.

Apache Struts Jakarta Multipart parser allows for malicious file upload using the Content-Type value, leading to remote code execution.

*Credits: N/A
CVSS Scores
CVSS v3 metrics:
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: None
  • Scope: Changed
  • Confidentiality: High
  • Integrity: High
  • Availability: High
CVSS v2 metrics:
  • Attack Vector: Network
  • Attack Complexity: Low
  • Authentication: None
  • Confidentiality: Complete
  • Integrity: Complete
  • Availability: Complete
* Common Vulnerability Scoring System
SSVC
  • Decision: -
  • Exploitation: -
  • Automatable: -
  • Tech. Impact: -
* Organization's Worst-case Scenario
Timeline
  • 2017-01-29 CVE Reserved
  • 2017-03-07 First Exploit
  • 2017-03-10 CVE Published
  • 2021-11-03 Exploited in Wild
  • 2022-05-03 KEV Due Date
  • 2024-08-05 CVE Updated
  • 2024-08-21 EPSS Updated
CWE
  • CWE-20: Improper Input Validation
CAPEC
References (55)
  • http://blog.talosintelligence.com/2017/03/apache-0-day-exploited.html (Technical Description)
  • http://blog.trendmicro.com/trendlabs-security-intelligence/cve-2017-5638-apache-struts-vulnerability-remote-code-execution (Technical Description)
  • http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-002.txt (X_refsource_confirm)
  • http://www.eweek.com/security/apache-struts-vulnerability-under-attack.html (Media Coverage)
  • http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html (X_refsource_confirm)
  • http://www.securityfocus.com/bid/96729 (Third Party Advisory)
  • http://www.securitytracker.com/id/1037973 (Vdb Entry)
  • https://arstechnica.com/security/2017/03/critical-vulnerability-under-massive-attack-imperils-high-impact-sites (Media Coverage)
  • https://cwiki.apache.org/confluence/display/WW/S2-046 (X_refsource_confirm)
  • https://git1-us-west.apache.org/repos/asf?p=struts.git%3Ba=commit%3Bh=352306493971e7d5a756d61780d57a76eb1f519a (X_refsource_confirm)
  • https://git1-us-west.apache.org/repos/asf?p=struts.git%3Ba=commit%3Bh=6b8272ce47160036ed120a48345d9aa884477228 (X_refsource_confirm)
  • https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbgn03733en_us (X_refsource_confirm)
  • https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbgn03749en_us (X_refsource_confirm)
  • https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03723en_us (X_refsource_confirm)
  • https://isc.sans.edu/diary/22169 (Technical Description)
  • https://lists.apache.org/thread.html/r1125f3044a0946d1e7e6f125a6170b58d413ebd4a95157e4608041c7%40%3Cannounce.apache.org%3E (Mailing List)
  • https://lists.apache.org/thread.html/r6d03e45b81eab03580cf7f8bb51cb3e9a1b10a2cc0c6a2d3cc92ed0c%40%3Cannounce.apache.org%3E (Mailing List)
  • https://lists.apache.org/thread.html/r90890afea72a9571d666820b2fe5942a0a5f86be406fa31da3dd0922%40%3Cannounce.apache.org%3E (Mailing List)
  • https://nmap.org/nsedoc/scripts/http-vuln-cve2017-5638.html (Third Party Advisory)
  • https://security.netapp.com/advisory/ntap-20170310-0001 (X_refsource_confirm)
  • https://struts.apache.org/docs/s2-045.html (X_refsource_confirm)
  • https://struts.apache.org/docs/s2-046.html (X_refsource_confirm)
  • https://support.lenovo.com/us/en/product_security/len-14200 (X_refsource_confirm)
  • https://twitter.com/theog150/status/841146956135124993 (Third Party Advisory)
  • https://www.imperva.com/blog/2017/03/cve-2017-5638-new-remote-code-execution-rce-vulnerability-in-apache-struts-2 (X_refsource_misc)
  • https://www.kb.cert.org/vuls/id/834067 (Third Party Advisory)
  • https://www.symantec.com/security-center/network-protection-security-advisories/SA145 (X_refsource_confirm)
Public Exploits (27)
  • https://www.exploit-db.com/exploits/41570 (2017-03-07)
  • https://www.exploit-db.com/exploits/41614 (2024-08-05)
  • https://github.com/immunio/apache-struts2-CVE-2017-5638 (2017-03-13)
  • https://github.com/payatu/CVE-2017-5638 (2017-05-05)
  • https://github.com/sUbc0ol/Apache-Struts2-RCE-Exploit-v2-CVE-2017-5638 (2017-06-30)
  • https://github.com/win3zz/CVE-2017-5638 (2018-05-13)
  • https://github.com/0x00-0x00/CVE-2017-5638 (2018-02-12)
  • https://github.com/R4v3nBl4ck/Apache-Struts-2-CVE-2017-5638-Exploit- (2017-07-24)
  • https://github.com/oktavianto/CVE-2017-5638-Apache-Struts2 (2017-03-20)
  • https://github.com/aljazceru/CVE-2017-5638-Apache-Struts2 (2017-03-11)
  • https://github.com/eeehit/CVE-2017-5638 (2017-04-01)
  • https://github.com/colorblindpentester/CVE-2017-5638 (2019-03-22)
  • https://github.com/random-robbie/CVE-2017-5638 (2017-03-16)
  • https://github.com/lizhi16/CVE-2017-5638 (2018-03-25)
  • https://github.com/AndreasKl/CVE-2017-5638 (2017-06-05)
  • https://github.com/Badbird3/CVE-2017-5638 (2021-06-24)
  • https://github.com/readloud/CVE-2017-5638 (2022-02-28)
  • https://github.com/mritunjay-k/CVE-2017-5638 (2023-03-02)
  • https://github.com/Xhendos/CVE-2017-5638 (2017-08-26)
  • https://github.com/bhagdave/CVE-2017-5638 (2017-03-21)
  • https://github.com/un4ckn0wl3z/CVE-2017-5638 (2018-11-22)
  • https://github.com/Tankirat/CVE-2017-5638 (2022-03-28)
  • https://github.com/jrrombaldo/CVE-2017-5638 (2024-03-29)
  • https://exploit-db.com/exploits/41570 (2024-08-05)
  • https://github.com/mazen160/struts-pwn (2024-08-05)
  • https://github.com/rapid7/metasploit-framework/issues/8064 (2024-08-05)
  • https://packetstormsecurity.com/files/141494/S2-45-poc.py.txt (2024-08-05)
Affected Vendors, Products, and Versions
Vendor: Apache. Product: Struts. Other: -. Status: Affected, for each of the following versions:
  • 2.3.5
  • 2.3.6
  • 2.3.7
  • 2.3.8
  • 2.3.9
  • 2.3.10
  • 2.3.11
  • 2.3.12
  • 2.3.13
  • 2.3.14
  • 2.3.14.1
  • 2.3.14.2
  • 2.3.14.3
  • 2.3.15
  • 2.3.15.1
  • 2.3.15.2
  • 2.3.15.3
  • 2.3.16
  • 2.3.16.1
  • 2.3.16.2
  • 2.3.16.3
  • 2.3.17
  • 2.3.19
  • 2.3.20
  • 2.3.20.1
  • 2.3.20.2
  • 2.3.20.3
  • 2.3.21
  • 2.3.22
  • 2.3.23
  • 2.3.24
  • 2.3.24.1
  • 2.3.24.2
  • 2.3.24.3
  • 2.3.25
  • 2.3.26
  • 2.3.27
  • 2.3.28
  • 2.3.28.1
  • 2.3.29
  • 2.3.30
  • 2.3.31
  • 2.5
  • 2.5.1
  • 2.5.2
  • 2.5.3
  • 2.5.4
  • 2.5.5
  • 2.5.6
  • 2.5.7
  • 2.5.8
  • 2.5.9
  • 2.5.10