CVE-2023-50164
Apache Struts: File upload component had a directory traversal vulnerability
Severity Score
9.8
*CVSS v3.1
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
7
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
An attacker can manipulate file upload params to enable paths traversal and under some circumstances this can lead to uploading a malicious file which can be used to perform Remote Code Execution.
Users are recommended to upgrade to versions Struts 2.5.33 or Struts 6.3.0.2 or greater to fix this issue.
Un atacante puede manipular los parámetros de carga de archivos para permitir path traversal y, en algunas circunstancias, esto puede provocar la carga de un archivo malicioso que puede usarse para realizar la ejecución remota de código. Se recomienda a los usuarios actualizar a las versiones Struts 2.5.33 o Struts 6.3.0.1 o superior para solucionar este problema.
*Credits:
Steven Seeley of Source Incite
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2023-12-04 CVE Reserved
- 2023-12-07 CVE Published
- 2023-12-15 First Exploit
- 2024-08-02 CVE Updated
- 2024-11-18 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-552: Files or Directories Accessible to External Parties
CAPEC
References (11)
| URL | Tag | Source |
|---|---|---|
| http://packetstormsecurity.com/files/176157/Struts-S2-066-File-Upload-Remote-Code-Execution.html | Third Party Advisory |
|
| https://security.netapp.com/advisory/ntap-20231214-0010 | Third Party Advisory |
|
| https://www.openwall.com/lists/oss-security/2023/12/07/1 | Mailing List |
|
| URL | Date | SRC |
|---|---|---|
| https://github.com/bcdannyboy/CVE-2023-50164 | 2023-12-15 | |
| https://github.com/snyk-labs/CVE-2023-50164-POC | 2024-01-16 | |
| https://github.com/sunnyvale-it/CVE-2023-50164-PoC | 2024-01-16 | |
| https://github.com/jakabakos/CVE-2023-50164-Apache-Struts-RCE | 2024-04-04 | |
| https://github.com/Trackflaw/CVE-2023-50164-ApacheStruts2-Docker | 2023-12-20 | |
| https://github.com/minhbao15677/CVE-2023-50164 | 2024-04-26 | |
| https://github.com/Thirukrishnan/CVE-2023-50164-Apache-Struts-RCE | 2023-12-20 |
| URL | Date | SRC |
|---|---|---|
| https://lists.apache.org/thread/yh09b3fkf6vz5d6jdgrlvmg60lfwtqhj | 2023-12-20 |
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Apache Search vendor "Apache" | Struts Search vendor "Apache" for product "Struts" | >= 2.0.0 < 2.5.33 Search vendor "Apache" for product "Struts" and version " >= 2.0.0 < 2.5.33" | - |
Affected
| ||||||
| Apache Search vendor "Apache" | Struts Search vendor "Apache" for product "Struts" | >= 6.0.0 < 6.3.0.2 Search vendor "Apache" for product "Struts" and version " >= 6.0.0 < 6.3.0.2" | - |
Affected
| ||||||