CVE-2017-9805 Scanner

CVE-2017-9805 scanner - Remote Code Execution (RCE) vulnerability in Apache Software Foundation Struts 

Short Info

Level: High
Single Scan: Single Scan
Can be used by: Asset Owner
Estimated Time: 15 seconds
Time Interval: 4 weeks
Scan only one: URL
Toolbox: -

Apache Struts is an open-source web application framework developed in Java that is extremely popular across the world. The framework is used to build Java web applications, which operate on the Model-View-Controller (MVC) principle. The Struts framework provides developers with a robust and flexible infrastructure for developing web applications, with many advanced features enabling them to create highly dynamic pages and advanced applications with ease.

CVE-2017-9805 affects Apache Struts versions 2.1.1 through 2.3.x before 2.3.34 and 2.5.x before 2.5.13. It allows remote code execution because the XStreamHandler deserializes XML payloads without any type filtering. An attacker can inject malicious content into an XML payload, which is then deserialized and runs code on the server.

An attacker who exploits this vulnerability can take over the complete application and thus access sensitive information, steal login credentials, or alter files on the server. Attackers could also use the vulnerability to distribute malware to other systems or to execute DDoS attacks.
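An added example (not part of the original page or of the s4e.io scanner): a Python check an asset owner could run over a file listing to flag Struts jars whose version falls in the affected ranges stated above. The jar naming pattern, the function names and the sample paths are assumptions. XStreamHandler ships in the Struts REST plugin, so that jar is matched as well as struts2-core.

```python
import re

# Affected ranges as stated on this page: [2.1.1, 2.3.34) and [2.5.0, 2.5.13).
AFFECTED_RANGES = [((2, 1, 1), (2, 3, 34)), ((2, 5, 0), (2, 5, 13))]

# Assumed jar naming, e.g. WEB-INF/lib/struts2-core-2.3.16.3.jar.
# Jars with a qualifier suffix (such as -BETA3) are not matched and need manual review.
JAR_RE = re.compile(r"(struts2-(?:core|rest-plugin))-(\d+(?:\.\d+)*)\.jar$")


def parse_version(text):
    """Turn '2.3.16.3' into (2, 3, 16, 3); pad short versions ('2.5') to three parts."""
    parts = [int(p) for p in text.split(".")]
    while len(parts) < 3:
        parts.append(0)
    return tuple(parts)


def is_affected(version_text):
    """True when the version lies inside one of the affected ranges."""
    version = parse_version(version_text)
    return any(low <= version < high for low, high in AFFECTED_RANGES)


def audit(paths):
    """Return (path, artifact, version, affected) for every Struts jar in paths."""
    findings = []
    for path in paths:
        match = JAR_RE.search(path)
        if match:
            artifact, version = match.groups()
            findings.append((path, artifact, version, is_affected(version)))
    return findings


# Constructed sample inventory (hypothetical paths, for illustration only).
SAMPLE_PATHS = [
    "/opt/app1/WEB-INF/lib/struts2-core-2.3.16.3.jar",
    "/opt/app1/WEB-INF/lib/struts2-rest-plugin-2.3.16.3.jar",
    "/opt/app2/WEB-INF/lib/struts2-core-2.5.13.jar",
    "/opt/app3/WEB-INF/lib/struts2-rest-plugin-2.5.12.jar",
    "/opt/app3/WEB-INF/lib/commons-io-2.5.jar",
]

if __name__ == "__main__":
    for path, artifact, version, affected in audit(SAMPLE_PATHS):
        status = "AFFECTED" if affected else "not in affected range"
        print(f"{status:22} {artifact} {version}  ({path})")
```

A jar flagged here only shows that the library version is in range; whether the REST plugin is actually deployed and reachable still has to be confirmed per application.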

s4e.io is a comprehensive security platform that can help users protect their digital assets easily and quickly. If you're concerned about vulnerabilities in your digital assets, check out s4e.io today. Their pro features enable you to run vulnerability checks across your entire network. It will help identify and remediate any issues and provide helpful alerts across your entire IT infrastructure. Their team can proactively monitor your security posture continuously, ensuring no potential issues go undetected.

 
