Apache Struts 2 REST plugin XStream RCE S2-052
Impact: High
Description
Apache Struts 2, specifically the REST Plugin, is susceptible to a Remote Code Execution (RCE) vulnerability identified as S2-052. This vulnerability arises due to the use of a XStreamHandler
with an instance of XStream for deserialization without adequate type filtering. Attackers can exploit this flaw by submitting malicious XML payloads, leading to the execution of arbitrary code on the server.
Recommendation
To mitigate this vulnerability, it is recommended to upgrade to Apache Struts version 2.5.13, 2.3.34, or newer versions.
References
👉 You might also like:
Apache Struts 2 RCE S2-045 - CVE-2017-5638
Apache Struts 2 Forced double OGNL evaluation S2-059 - CVE-2019-0230
Apache Struts OGNL expression RCE S2-057 - CVE-2018-11776
Apache Tomcat JSP Upload RCE - CVE-2017-12615, CVE-2017-12617
Last updated on May 13, 2024