Apache Struts 2 RCE S2-045
Impact: High
Description
It is possible to perform a RCE attack with a malicious Content-Type value. If the Content-Type value isn’t valid an exception is thrown which is then used to display an error message to a user.
Recommendation
If you are using Jakarta based file upload Multipart parser, upgrade to Apache Struts version 2.3.32 or 2.5.10.1 or newer version.
References
- S2-045 - Apache Struts 2 Wiki
- Apache Struts
- CVE-2017-5638
- CWE-77
- OWASP 2017-A1
- OWASP 2021-A3
- CWE-20
- OWASP 2017-A9
- OWASP 2021-A6
👉 You might also like:
Apache Struts 2 REST plugin XStream RCE S2-052 - CVE-2017-9805
Apache Struts 2 Forced double OGNL evaluation S2-059 - CVE-2019-0230
Apache Struts OGNL expression RCE S2-057 - CVE-2018-11776
Apache Tomcat JSP Upload RCE - CVE-2017-12615, CVE-2017-12617
Last updated on June 06, 2022