Free and open-source vulnerability scanner
Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.
Install NowAvailable for macOS, Windows, and Linux
Apache Struts RCE Vulnerability (S2-048) - Version Check
Information
Severity
Severity
Family
Family
CVSSv2 Base
CVSSv2 Base
CVSSv2 Vector
CVSSv2 Vector
Solution Type
Solution Type
Created
Created
Modified
Modified
Summary
Apache Struts is prone to a remote code execution (RCE) vulnerability.
Insight
Insight
It is possible to perform a RCE attack with a malicious field value when using the Struts 2 Struts 1 plugin and it's a Struts 1 action and the value is a part of a message presented to the user, i.e. when using untrusted input as a part of the error message in the ActionMessage class.
Affected Software
Affected Software
Apache Struts 2.3.x with Struts 1 plugin and Struts 1 action.
Detection Method
Detection Method
Checks if a vulnerable version is present on the target host.
Solution
Solution
As a mitigation always use resource keys instead of passing a raw message to the ActionMessage as shown in the references, never pass a raw value directly.