Description
Forced OGNL evaluation, when evaluated on raw user input in tag attributes, may lead to remote code execution. Affected software : Apache Struts 2.0.0 - Struts 2.5.25.
CVSS breakdown
CVSS 3.1
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High
Affected products
- Apache Software Foundation / Apache StrutsStruts 2.0.0 - Struts 2.5.25 – Struts 2.0.0 - Struts 2.5.25
Exploits & proofs of concept
- nucleiApache Struts 2.0.0-2.5.25 - Remote Code Executionby pikpikcu
References
- MISChttps://cwiki.apache.org/confluence/display/WW/S2-061
- MISChttp://jvn.jp/en/jp/JVN43969166/index.html
- VENDOR_ADVISORYhttps://www.oracle.com/security-alerts/cpujan2021.html
- EXPLOIThttp://packetstormsecurity.com/files/160721/Apache-Struts-2-Forced-Multi-OGNL-Evaluation.html
- MISChttps://security.netapp.com/advisory/ntap-20210115-0005/
- VENDOR_ADVISORYhttps://www.oracle.com/security-alerts/cpuApr2021.html
- VENDOR_ADVISORYhttps://www.oracle.com//security-alerts/cpujul2021.html
- VENDOR_ADVISORYhttps://www.oracle.com/security-alerts/cpuoct2021.html
- VENDOR_ADVISORYhttps://www.oracle.com/security-alerts/cpujan2022.html
- MAILING_LISThttp://www.openwall.com/lists/oss-security/2022/04/12/6
- VENDOR_ADVISORYhttps://www.oracle.com/security-alerts/cpuapr2022.html