CVE-2017-12611 Apache Struts Freemarker Tag Remote Code Execution Vulnerability (S2-053)

漏洞类别:Local

漏洞等级:

漏洞信息

Apache Struts is an open-source Model-View-Controller (MVC) framework for creating elegant, modern Java web applications.

A RCE attack is possible when developer is using wrong construction in Freemarker tags (CVE-2017-12611). Affected software:
Struts 2.0.1 – Struts 2.3.33, Struts 2.5 – Struts 2.5.10

QID detection logic (Authenticated):
Detection looks for “struts core” jar files in deployed web applications directories and lib folder of Tomcat server. Once it successfully finds the jar file, version information is extracted from that jar files and compared.
Please note: Our detection does not support if the applications are deployed with server configuration unpackWARs=false.

漏洞危害

A remote attacker could exploit this vulnerability to execute arbitrary code.

解决方案

The vendor has released advisories and updates to fix these vulnerabilities.
Refer to the following link for further details: Apache Struts Announcements 07 September 2017

Patch:
Following are links for downloading patches to fix the vulnerabilities:

S2-053 (Apache Struts )

Leave a Reply