Remote code execution in Apache Struts
| Risk | High |
| Patch available | YES |
| Number of vulnerabilities | 1 |
| CVE-ID | CVE-2017-9791 |
| CWE-ID | CWE-20 |
| Exploitation vector | Network |
| Public exploit | Vulnerability #1 is being exploited in the wild. |
| Vulnerable software |
Apache Struts Server applications / Frameworks for developing and running applications |
| Vendor | Apache Foundation |
Security Bulletin
This security bulletin contains one high risk vulnerability.
1) Remote code execution
EUVDB-ID: #VU7391
Risk: High
CVSSv4.0: 9.3 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:A/U:Amber]
CVE-ID: CVE-2017-9791
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: Yes
DescriptionThe vulnerability allows a remote attacker to execute arbitrary code on the target system.
The weakness exists due to input validation error when using the Struts 2 Struts 1 plugin and it's a Struts 1 action. A remote attacker can send an error message in the ActionMessage class containing malicious field value and execute arbitrary code on the target system.
Successful exploitation of the vulnerability may result in system compromise.
Follow vendor's recommendations to mitigate this vulnerability.
Apache Struts: 2.2.3.1 - 2.3.32
CPE2.3 External linkshttps://struts.apache.org/docs/s2-048.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, a fully functional exploit for this vulnerability is available.
