CVE-2012-0392 Scanner
CVE-2012-0392 scanner - Remote Code Execution (RCE) vulnerability in Apache Struts
Short Info
Level: Single Scan
Can be used by: Asset Owner
Estimated Time: 15 seconds
Time Interval: 29 days 8 hours
Scan only one: URL
Toolbox: -
Apache Struts is an open-source web application framework written in Java. Its purpose is to build elegant, modern, and maintainable web applications. It is widely used because of features such as its Model-View-Controller architecture, templates, and validators, and it also supports several kinds of server-side protection and validation, such as CSRF protection, input validation, and type conversion.
A serious vulnerability was found in Apache Struts, known as CVE-2012-0392. The CookieInterceptor component in Apache Struts before version 2.3.1.1 did not apply the parameter-name whitelist to cookie names. This allowed remote attackers to execute arbitrary commands via a crafted HTTP Cookie header that triggers Java code execution through a static method, so an attacker could exploit it simply by sending requests containing specially crafted cookies.
This vulnerability can lead to a chain of malicious operations. When exploited, an attacker could execute arbitrary code on the target system, access sensitive information, or even gain complete control of the affected system. Attackers could steal confidential data such as personally identifiable information (PII), user credentials, or intellectual property. Additionally, an attacker could install malware or use the system as a bot to launch a Distributed Denial of Service (DDoS) attack.
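As an added defensive illustration (not the scanner's code and not Struts's own source), the check below applies a parameter-name allowlist to the names found in a Cookie header, which is the kind of check the fixed CookieInterceptor enforces before a cookie name is handed to the framework. The regular expression is an assumption modeled on the Struts acceptable-parameter-name pattern, and the sample header is constructed.

```python
import re

# Allowlist modeled on the acceptable-parameter-name pattern Struts 2 applies to
# request parameters (assumption, not copied from the Struts source): it admits
# letters, digits, dots, brackets, parentheses, underscores, quotes and
# whitespace, and nothing else.
ACCEPTED_NAME = re.compile(r"[a-zA-Z0-9\.\]\[\(\)_'\s]+")


def filter_cookie_names(cookie_header: str) -> tuple[dict, list]:
    """Split a raw Cookie header and keep only cookies whose names pass the allowlist.

    Returns (accepted, rejected): accepted maps name -> value, rejected lists
    the names that failed the check so they can be logged or alerted on.
    """
    accepted, rejected = {}, []
    # Parse by hand rather than with http.cookies.SimpleCookie, which silently
    # drops names it considers illegal and would hide exactly what we want to see.
    for part in cookie_header.split(";"):
        part = part.strip()
        if not part:
            continue
        name, _, value = part.partition("=")
        name = name.strip()
        if ACCEPTED_NAME.fullmatch(name):
            accepted[name] = value.strip()
        else:
            rejected.append(name)
    return accepted, rejected


# Constructed sample header: an ordinary session cookie, an indexed name that the
# allowlist permits, and a name carrying a character the allowlist never admits.
SAMPLE_COOKIE_HEADER = "JSESSIONID=abc123; user.pref[0]=dark; bad@name=x"

if __name__ == "__main__":
    ok, bad = filter_cookie_names(SAMPLE_COOKIE_HEADER)
    print("accepted:", ok)
    print("rejected:", bad)
```

Rejected names are the ones a pre-2.3.1.1 CookieInterceptor would have passed through unchecked; logging them gives a simple detection signal for a WAF or application log review.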
Finally, thanks to the pro features of the s4e.io platform, readers of this article can easily and quickly learn about vulnerabilities in their digital assets. They can schedule regular vulnerability scans or even penetration tests to identify potential security weaknesses early. With this advanced level of security offered by s4e.io, companies can protect their confidential and sensitive data from malicious attackers.
REFERENCES
- Exploit-DB: 18329
- archives.neohapsis.com (2012-01-05): SEC Consult SA-20120104-0 :: Multiple critical vulnerabilities in Apache Struts2
- http://struts.apache.org/2.x/docs/version-notes-2311.html
- http://struts.apache.org/2.x/docs/s2-008.html
- https://www.sec-consult.com/files/20120104-0_Apache_Struts2_Multiple_Critical_Vulnerabilities.txt
- lists.immunityinc.com (2012-01-06): [dailydave] Apache Struts
- Secunia: 47393