In Apache Struts 2.0.0 through 2.3.33 and 2.5 through 2.5.10.1, using an unintentional expression in a Freemarker tag instead of string literals can lead to a RCE attack.

CPENameOperatorVersion
strutseqSTRUTS_2_5_5
strutseqSTRUTS_2_5_1
strutseqSTRUTS_2_2_1
strutseqSTRUTS_2_3_22
strutseqSTRUTS_2_3_24
strutseqSTRUTS_2_3_23
strutseqSTRUTS_2_3_20
strutseqSTRUTS_2_3_17
strutseqSTRUTS_2_5_2
strutseqSTRUTS_2_5_3

Name	Operator	Version
struts	eq	STRUTS_2_5_5
struts	eq	STRUTS_2_5_1
struts	eq	STRUTS_2_2_1
struts	eq	STRUTS_2_3_22
struts	eq	STRUTS_2_3_24
struts	eq	STRUTS_2_3_23
struts	eq	STRUTS_2_3_20
struts	eq	STRUTS_2_3_17
struts	eq	STRUTS_2_5_2
struts	eq	STRUTS_2_5_3

Rows per page:

1-10 of 311

References

www.arubanetworks.com/assets/alert/ARUBA-PSA-2017-003.txt

www.oracle.com/technetwork/security-advisory/alert-cve-2017-9805-3889403.html

www.securityfocus.com/bid/100829

kb.netapp.com/support/s/article/ka51A000000CgttQAC/NTAP-20170911-0001

struts.apache.org/docs/s2-053.html

nuclei 3

osv 12

impervablog 8

nessus 4

checkpoint_advisories 3

prion 2

ibm 6

seebug 2

redhatcve 2

cve 2

openvas 4

zdt 3

veracode 1

atlassian 4

ubuntucve 2

dsquare 2

cisco 2

thn 5

f5 2

github 3

cisa 1

exploitpack 1

packetstorm 2

trendmicroblog 2

cert 1

saint 3

cloudfoundry 1

attackerkb 2

myhack58 1

cisa_kev 1

metasploit 1

talosblog 2

threatpost 6

pentestit 1

fortinet 1

kitploit 5

qualysblog 1

oracle 1

nuclei

Apache Struts2 S2-053 - Remote Code Execution

2021-02-21 14:01:50

Apache Struts2 S2-052 - Remote Code Execution

2021-02-21 14:01:07

Apache Struts2 S2-053 - Remote Code Execution

2021-02-21 15:39:29

osv

Apache Struts 2.0.1 uses an unintentional expression in a Freemarker tag instead of string literal

2018-10-16 19:35:40

REST Plugin in Apache Struts uses an XStreamHandler with an instance of XStream for deserialization without any type filtering

2018-10-16 19:37:56

CVE-2017-9805

2017-09-15 19:29:00

impervablog

Apache Struts, RCE and Managing App Risk

2017-09-18 20:33:25

How Reputation Intelligence Improves Application Security

2017-11-13 16:30:38

RedisWannaMine Unveiled: New Cryptojacking Attack Powered by Redis and NSA Exploits

2018-03-08 18:45:38

nessus

Apache Struts 2.1.x >= 2.1.2 / 2.2.x / 2.3.x < 2.3.34 / 2.5.x < 2.5.13 Multiple Vulnerabilities (S2-050 - S2-053)

2017-09-05 00:00:00

Apache Struts 2 REST Plugin XStream XML Request Deserialization RCE

2017-09-06 00:00:00

Oracle WebLogic Server Multiple Vulnerabilities

2017-10-04 00:00:00

checkpoint_advisories

Apache Struts2 Freemarker Remote Code Execution (CVE-2017-12611) - Ver2

2018-04-15 00:00:00

Apache Struts2 Freemarker Remote Code Execution (CVE-2017-12611)

2017-09-08 00:00:00

Apache Struts REST Plugin XStream Deserialization Remote Code Execution (CVE-2017-9805)

2017-09-06 00:00:00

prion

Code injection

2017-09-20 17:29:00

Deserialization of untrusted data

2017-09-15 19:29:00

ibm

Security Bulletin: Open Source Apache Struts Vulnerabilities affect IBM Platform Cluster Manager Standard Edition, IBM Platform Cluster Manager Advanced Edition, Platform HPC, and Spectrum Cluster Foundation

2018-06-24 02:07:21

Security Bulletin: A vulnerability in Apache Struts 2 affects IBM Spectrum Conductor with Spark (CVE-2017-9787, CVE-2017-9804, and CVE-2017-12611)

2018-06-18 01:38:10

Security Bulletin: IBM OpenPages GRC Platform Web Applications are NOT vulnerable to (CVE-2017-9805 , CVE-2017-9804, CVE-2017-9793)

2018-06-15 23:48:02

seebug

Apache Struts2 S2-053 (CVE-2017-12611)

2017-09-07 00:00:00

Apache Struts2 S2-052 (CVE-2017-9805)

2017-09-06 00:00:00

redhatcve

CVE-2017-12611

2017-09-07 14:48:25

CVE-2017-9805

2017-09-05 14:19:21

cve

CVE-2017-12611

2017-09-20 17:29:00

CVE-2017-9805

2017-09-15 19:29:00

openvas

Apache Struts Security Update (S2-053) - Active Check

2017-09-11 00:00:00

Apache Struts Security Update (S2-053) - Version Check

2021-04-06 00:00:00

Apache Struts Security Update (S2-052) - Active Check

2017-09-07 00:00:00

zdt

Apache Struts 2.0.1 < 2.3.33 / 2.5 < 2.5.10 - Arbitrary Code Execution Exploit

2018-04-29 00:00:00

Apache Struts 2.5 < 2.5.12 - REST Plugin XStream Remote Code Execution Exploit

2017-09-07 00:00:00

Apache Struts 2.5 - Remote Code Execution Exploit

2017-09-07 00:00:00

veracode

Remote Code Execution (RCE)

2017-09-08 06:31:48

atlassian

Remote Code Execution attack via unintentional expression in Freemarker tag - CVE-2017-12611

2020-11-19 00:08:55

Remote Code Execution attack via unintentional expression in Freemarker tag - CVE-2017-12611

2020-11-17 22:21:28

Remote Code Execution attack via unintentional expression in Freemarker tag - CVE-2017-12611

2020-11-19 00:08:55

ubuntucve

CVE-2017-12611

2017-09-20 00:00:00

CVE-2017-9805

2017-09-15 00:00:00

dsquare

Apache Struts 2 Freemarker Tag Handling RCE

2018-10-20 00:00:00

Apache Struts REST Plugin XStream RCE

2018-04-20 00:00:00

cisco

Apache Struts 2 Remote Code Execution Vulnerability Affecting Multiple Cisco Products: September 2017

2017-09-09 17:00:00

Multiple Vulnerabilities in Apache Struts 2 Affecting Cisco Products: September 2017

2017-09-07 21:00:00

thn

Apache Struts 2 Flaws Affect Multiple Cisco Products

2017-09-11 23:50:00

Critical Flaw in Apache Struts2 Lets Hackers Take Over Web Servers

2017-09-05 07:40:00

Equifax Suffered Data Breach After It Failed to Patch Old Apache Struts Flaw

2017-09-13 21:38:00

K45474286 : Apache Struts Freemarker Remote Code Execution vulnerability CVE-2017-12611

2017-09-08 00:00:00

K84144321 : Apache Struts vulnerability CVE-2017-9805

2017-09-06 00:00:00

github

Apache Struts 2.0.1 uses an unintentional expression in a Freemarker tag instead of string literal

2018-10-16 19:35:40

REST Plugin in Apache Struts uses an XStreamHandler with an instance of XStream for deserialization without any type filtering

2018-10-16 19:37:56

The GitHub Security Lab’s journey to disclosing 500 CVEs in open source projects

2023-09-21 20:56:46

cisa

Oracle Patches Apache Vulnerabilities

2017-09-25 00:00:00

exploitpack

Apache Struts 2.5 2.5.12 - REST Plugin XStream Remote Code Execution

2017-09-06 00:00:00

packetstorm

Apache Struts 2 REST Plugin XStream Remote Code Execution

2017-09-07 00:00:00

Apache Struts 2.5.12 XStream Remote Code Execution

2017-09-07 00:00:00

trendmicroblog

TippingPoint Threat Intelligence and Zero-Day Coverage – Week of September 4, 2017

2017-09-08 14:23:58

TippingPoint Threat Intelligence and Zero-Day Coverage – Week of September 11, 2017

2017-09-15 14:59:53

cert

Apache Struts 2 framework REST plugin insecurely deserializes untrusted XML data

2017-09-06 00:00:00

saint

Apache Struts REST plugin XStream deserialization vulnerability

2017-09-08 00:00:00

Apache Struts REST plugin XStream deserialization vulnerability

2017-09-08 00:00:00

Apache Struts REST plugin XStream deserialization vulnerability

2017-09-08 00:00:00

cloudfoundry

CVE-2017-9805: Apache Struts Remote Code Execution | Cloud Foundry

2017-09-08 00:00:00

attackerkb

CVE-2017-9805

2017-09-15 00:00:00

CVE-2017-9791

2017-07-10 00:00:00

myhack58

Apache Struts2–052 vulnerability research alert-vulnerability warning-the black bar safety net

2017-09-06 00:00:00

cisa_kev

Apache Struts Deserialization of Untrusted Data Vulnerability

2021-11-03 00:00:00

metasploit

Apache Struts 2 REST Plugin XStream RCE

2017-09-08 00:30:48

talosblog

Another Apache Struts Vulnerability Under Active Exploitation

2017-09-07 15:42:00

2018 in Snort Rules

2019-02-06 08:19:00

threatpost

Apache Foundation Refutes Involvement in Equifax Breach

2017-09-11 15:02:31

Patch Released for Critical Apache Struts Bug

2017-09-05 14:10:54

Equifax Confirms March Struts Vulnerability Behind Breach

2017-09-14 16:00:34

pentestit

S2-052: Apache Struts2 REST Plugin Payloads (CVE-2017-9805)

2017-09-07 05:33:35

fortinet

Apache Struts RCE Vulnerability

2017-09-29 00:00:00

kitploit

Sn1per v5.0 - Automated Pentest Recon Scanner

2018-07-05 13:45:00

Sn1per v6.0 - Automated Pentest Framework For Offensive Security Experts

2018-11-24 12:43:00

Sn1per v7.0 - Automated Pentest Framework For Offensive Security Experts

2019-05-12 13:09:00

qualysblog

Managing CISA Known Exploited Vulnerabilities with Qualys VMDR

2022-02-23 05:39:00

oracle

Oracle Critical Patch Update - October 2017

2017-10-17 00:00:00

Products

Security Intelligence
Non-intrusive assessment
Developers SDK
Windows scanner
Linux scanner
Perimeter control tool
MSSP

Database

Vulnerabilities
Exploits
IOC
Security News
BugBounty
Popular
Wild Exploited
Top Vulnerabilities

Tools

Linux Security Scanner
API integration
Subscriptions
Plugins
Manual Audit

Learn More

Stats
API
Docs
Api-keys
License
Pricing
Glossary
FAQ

Company

Blog
Contacts
About Us
OpenSource
EULA
Brand Guideline
Privacy Policy

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply. All product names, logos, and brands are property of their respective owners. All company, product and service names used in this website are for identification purposes only. Use of these names, logos, and brands does not imply endorsement.If you are an owner of some content and want it to be removed, please contact us. Using Vulners services you are accepting Vulners services end-user license agreement

@2024 Vulners Inc

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

8.2 High

AI Score

Confidence

High

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.975 High

EPSS

Percentile

100.0%

JSON

Related for OSV:CVE-2017-12611