Vulnerability warning | bucket pixel technology found in high-risk Struts2 showcase remote code execution vulnerability S2-048-the vulnerability warning-the black bar safety net

Recently, from the bucket as technology Tophant security researcher icez found Struts2 showcase application in the presence of a remote code execution high-risk vulnerabilities. Struts2 official has confirmed the vulnerability, the vulnerability number S2-048, CVE number: CVE-2017-9791, the vulnerability degree of harm for high-risk(High).
Vulnerability number
CVE-2017-9791
S2-048
! [](/Article/UploadPic/2017-7/201778113815603. png? www. myhack58. com)
Vulnerability
Struts 2.3. x series the Showcase application
It is worth mentioning that the showcase refers to an application, usually in the path \struts-2.3. x\apps\struts2-showcase. war exists, if on the server and not installed the application is not subject to the vulnerability.
Vulnerability overview
Apache Struts is a United States Apache（the Apache Software Foundation is responsible for the maintenance of an open source project, is used to create enterprise-class Java Web application open source MVC framework. In Struts 2.3. x series the Showcase application demo Struts2 integration of the Struts 1 Plug-in there is a arbitrary code execution vulnerability. When your app uses Struts2 Struts1 plugin, it may lead to untrusted input passed to the ActionMessage class in the lead to command execution.
Solutions
To ActionMessage passes the original message using the following resource key value, don’t directly pass the original value
messages. add(“msg”, new ActionMessage(“struts1. gangsterAdded”, gform. getName()));
The value should not be the case:
messages. add(“msg”, new ActionMessage(“Gangster” + gform. getName() + “was added”));