Vulnerability Alert | Apache Struts 2 Arbitrary Code Execution Vulnerability (S2-045)

Source: Internet
Author: User
Tags: cve

Apache has recently issued an emergency security bulletin (S2-045) for a remote code execution vulnerability (CNNVD-201703-152, CVE-2017-5638) affecting Apache Struts 2.3.5 through 2.3.31 and 2.5 through 2.5.10. The flaw lies in the exception handling of the file upload function: when the Jakarta multipart parser fails to process a request, the error message it builds includes the attacker-controlled Content-Type header, and that message is then evaluated as an OGNL expression. A remote attacker can therefore execute arbitrary commands on the affected server by sending a single crafted HTTP request.

Vulnerability Hazard

An attacker can place OGNL code in the Content-Type header of an HTTP request to trigger the vulnerability, execute system commands on the affected server and take full control of it, leading to denial of service, data disclosure, website defacement and so on. No authentication is required and no file needs to be uploaded: any request routed through the Struts 2 filter with a crafted Content-Type header is sufficient. The vulnerability is especially severe because the affected component, the Jakarta multipart parser, is enabled by default in Struts 2.
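The following is an added example (not part of the original advisory, and not Struts code) showing how a WAF rule or log-review script can spot the attack vector described above. It parses raw HTTP request headers, flags any Content-Type containing OGNL expression markers, and additionally requires the value to parse as an RFC 7230 media type, so that an expression without the usual "%{" prefix is still caught. The sample requests, host names and the "s2-045" probe string are constructed for this example; the malicious sample is deliberately not a working exploit.

```python
import re
from typing import Dict, List, Optional, Tuple

# RFC 7230 "tchar" set. Note that "{", "}", "(", ")", quotes and spaces are
# excluded, so an OGNL expression can never be a valid token.
_TOKEN = r"[!#$%&'*+\-.^_`|~0-9A-Za-z]+"
_QUOTED = r'"(?:[^"\\]|\\.)*"'
_PARAM = rf"\s*;\s*{_TOKEN}\s*=\s*(?:{_TOKEN}|{_QUOTED})"
# media-type = type "/" subtype *( OWS ";" OWS parameter )
_MEDIA_TYPE_RE = re.compile(rf"^\s*{_TOKEN}/{_TOKEN}(?:{_PARAM})*\s*$")

# Substrings that belong to an OGNL expression, never to a media type.
_OGNL_MARKERS = ("%{", "${", "#_memberAccess", "@ognl.")


def check_content_type(value: str) -> Optional[str]:
    """Return a reason string if the header value looks malicious, else None."""
    for marker in _OGNL_MARKERS:
        if marker in value:
            return f"OGNL marker {marker!r} in Content-Type"
    if not _MEDIA_TYPE_RE.match(value):
        return "Content-Type does not parse as an RFC 7230 media type"
    return None


def parse_headers(raw_request: str) -> Tuple[str, Dict[str, str]]:
    """Split a raw HTTP request into its request line and a lower-cased
    header map. Any body after the blank line is ignored."""
    head = raw_request.split("\r\n\r\n", 1)[0]
    lines = head.split("\r\n")
    headers: Dict[str, str] = {}
    for line in lines[1:]:
        if ":" not in line:
            continue
        name, _, val = line.partition(":")
        headers[name.strip().lower()] = val.strip()
    return lines[0], headers


def scan_requests(raw_requests: List[str]) -> List[Tuple[str, str]]:
    """Return (request_line, reason) for every request with a suspicious Content-Type."""
    findings: List[Tuple[str, str]] = []
    for raw in raw_requests:
        request_line, headers = parse_headers(raw)
        content_type = headers.get("content-type")
        if content_type is None:
            continue
        reason = check_content_type(content_type)
        if reason:
            findings.append((request_line, reason))
    return findings


# Constructed sample traffic (not captured from a real system).
SAMPLE_REQUESTS = [
    # 1. Ordinary browser file upload: allowed.
    "POST /upload.action HTTP/1.1\r\nHost: app.example.test\r\n"
    "Content-Type: multipart/form-data; boundary=----WebKitFormBoundary7MA4YWxkTrZu0gW\r\n\r\n",
    # 2. Quoted boundary parameter: still a valid media type.
    "POST /upload.action HTTP/1.1\r\nHost: app.example.test\r\n"
    "Content-Type: multipart/form-data; boundary=\"x y\"\r\n\r\n",
    # 3. JSON API call: allowed, and never reaches the multipart parser anyway.
    "POST /api/login.action HTTP/1.1\r\nHost: app.example.test\r\n"
    "Content-Type: application/json; charset=utf-8\r\n\r\n",
    # 4. S2-045 style probe (constructed, non-functional): OGNL in the header.
    "GET /index.action HTTP/1.1\r\nHost: app.example.test\r\n"
    "Content-Type: %{(#_='multipart/form-data').(#probe='s2-045')}\r\n\r\n",
    # 5. No OGNL marker, but the value is not a media type at all.
    "POST /index.action HTTP/1.1\r\nHost: app.example.test\r\n"
    "Content-Type: multipart/form-data; boundary=(#probe)\r\n\r\n",
]

if __name__ == "__main__":
    for request_line, reason in scan_requests(SAMPLE_REQUESTS):
        print(f"{request_line}: {reason}")
```

The allow-list check is the important half: Struts only hands a request to the multipart parser when the Content-Type contains "multipart/form-data", but a payload can embed that string anywhere in the expression, so matching on the expected grammar is more robust than matching on known payload fragments. Requests 4 and 5 are reported; 1 to 3 pass.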


Vulnerability number

CVE-2017-5638

CNNVD-201703-152

Impact Range

Affected version of Struts2:

Struts 2.3.5 to Struts 2.3.31

Struts 2.5 to Struts 2.5.10

Detection method

Detection can be done by inspecting the struts2-core-x.x.x.jar file in the WEB-INF/lib directory of the web application. If the version number x.x.x is in the range 2.3.5 to 2.3.31 or 2.5 to 2.5.10 and the default multipart parser configuration has not been changed, the application is vulnerable. Check every deployed web application, not only the one that is known to accept uploads, since the vulnerable code runs on every request that passes through the Struts 2 filter.
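As an added example (not part of the original advisory), the script below automates the check just described: it walks an exploded web application, identifies struts2-core jars by file name and, for jars that have been renamed, by the pom.properties file that Maven-built jars carry under META-INF/maven/org.apache.struts/struts2-core/, and compares the version against the two affected ranges. The demo() function creates a constructed WEB-INF/lib in a temporary directory with empty placeholder jars; the directory layout and jar names are assumptions made for illustration, not real Struts builds.

```python
import os
import re
import tempfile
import zipfile
from typing import List, NamedTuple, Optional, Tuple

# Affected ranges from the advisory, inclusive at both ends.
VULNERABLE_RANGES = (
    ((2, 3, 5), (2, 3, 31)),  # Struts 2.3.5 .. 2.3.31
    ((2, 5), (2, 5, 10)),     # Struts 2.5   .. 2.5.10
)

# struts2-core-2.3.31.jar, struts2-core-2.5.10.1.jar, struts2-core-2.5-SNAPSHOT.jar ...
_JAR_NAME_RE = re.compile(r"^struts2-core-(\d+(?:\.\d+)*)(?:-[A-Za-z][\w.-]*)?\.jar$", re.I)
# Maven embeds this file in every jar it builds; it survives a rename of the jar.
_POM_PROPS = "META-INF/maven/org.apache.struts/struts2-core/pom.properties"


def parse_version(text: str) -> Tuple[int, ...]:
    """'2.5.10.1' -> (2, 5, 10, 1); a qualifier such as '-SNAPSHOT' is dropped."""
    m = re.match(r"\d+(?:\.\d+)*", text)
    if not m:
        raise ValueError(f"unparseable version: {text!r}")
    return tuple(int(p) for p in m.group(0).split("."))


def is_vulnerable_version(version: str) -> bool:
    # Tuple comparison gives the right answer for mixed lengths:
    # (2, 5) <= (2, 5) and (2, 5, 10, 1) > (2, 5, 10), so 2.5.10.1 is clean.
    v = parse_version(version)
    return any(low <= v <= high for low, high in VULNERABLE_RANGES)


def version_from_jar(path: str) -> Optional[str]:
    """Version from the file name, else from the embedded Maven metadata."""
    m = _JAR_NAME_RE.match(os.path.basename(path))
    if m:
        return m.group(1)
    try:
        with zipfile.ZipFile(path) as zf:
            with zf.open(_POM_PROPS) as fh:
                for line in fh.read().decode("utf-8", "replace").splitlines():
                    if line.startswith("version="):
                        return line.split("=", 1)[1].strip()
    except (KeyError, zipfile.BadZipFile, OSError):
        return None  # not a Struts 2 core jar, or not readable as a zip
    return None


class Finding(NamedTuple):
    path: str
    version: str
    vulnerable: bool


def scan_webapp(root: str) -> List[Finding]:
    """Walk an exploded webapp (or any directory) and report every Struts 2 core jar."""
    findings: List[Finding] = []
    for dirpath, _, filenames in os.walk(root):
        for name in sorted(filenames):
            if not name.lower().endswith(".jar"):
                continue
            path = os.path.join(dirpath, name)
            version = version_from_jar(path)
            if version is None:
                continue
            findings.append(Finding(path, version, is_vulnerable_version(version)))
    return findings


def demo() -> List[Finding]:
    """Build a constructed WEB-INF/lib in a temp dir and scan it."""
    root = tempfile.mkdtemp(prefix="s2045-demo-")
    lib = os.path.join(root, "WEB-INF", "lib")
    os.makedirs(lib)
    for jar in ("struts2-core-2.3.31.jar", "struts2-core-2.5.10.1.jar",
                "commons-fileupload-1.3.2.jar"):
        open(os.path.join(lib, jar), "wb").close()  # empty placeholder files
    # A renamed jar that is only identifiable through its Maven metadata.
    with zipfile.ZipFile(os.path.join(lib, "framework.jar"), "w") as zf:
        zf.writestr(_POM_PROPS, "groupId=org.apache.struts\n"
                                "artifactId=struts2-core\nversion=2.5.10\n")
    return scan_webapp(root)


if __name__ == "__main__":
    for f in demo():
        state = "VULNERABLE" if f.vulnerable else "ok"
        print(f"{f.path}: struts2-core {f.version} -> {state}")
```

Point scan_webapp() at the servlet container's webapps directory to cover every deployed application at once. The version check says nothing about struts.xml, so a hit on a vulnerable version should be treated as vulnerable unless the multipart parser has been verifiably changed from the default.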

Repair measures

Exploit tools for this vulnerability have already been published on the Internet, so users should fix the vulnerability promptly to protect their assets.

1. Upgrade to Apache Struts 2.3.32 or Apache Struts 2.5.10.1 to eliminate the vulnerability. Back up your data before upgrading.

Patch Address:

Struts 2.3.32: https://github.com/apache/struts/releases/tag/struts_2_3_32

Struts 2.5.10.1: https://github.com/apache/struts/releases/tag/struts_2_5_10_1

2. If upgrading is not immediately possible, a temporary workaround is to delete the commons-fileupload-x.x.x.jar file from WEB-INF/lib (this disables the file upload function). Treat this as a stopgap only, and still upgrade as soon as possible.

3. If the problem is confirmed and neither of the above measures can be carried out, users can contact the advisory's publisher, Anxin, which will promptly provide security hardening, security policy adjustment and other emergency-response services for this vulnerability.
