seebug | Root | SSV:92746
Mar 06, 2017 - 12:00 a.m.

S2-045: Struts 2 Remote Code Execution vulnerability (CVE-2017-5638)


EPSS: 0.975 (percentile: 100.0%)

This is a remote code execution vulnerability in Struts, based on the Jakarta plugin. During a file upload, a malicious user can trigger the vulnerability by modifying the Content-Type value in the HTTP request header, and then execute system commands.

Sound detection method (the detection method by the constant company): send an HTTP request packet to the server with the Content-Type field modified to:

Content-Type: %{#context['com.opensymphony.xwork2.dispatcher.HttpServletResponse'].addHeader('vul','vul')}.multipart/form-data

If the returned response packet contains the field vul: vul, the vulnerability is present.
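
The same probe seen from the defending side: an added example (not from Seebug or the Struts project) that inspects raw HTTP requests and flags a Content-Type value carrying an OGNL expression opener or otherwise failing the media-type grammar. The function names, labels, host name and sample requests are assumptions constructed for illustration.

```python
import re

# RFC 7230 "token" characters; note that { } [ ] ( ) are NOT allowed.
_TOKEN = r"[!#$%&'*+.^_`|~0-9A-Za-z-]+"
# type/subtype followed by optional ;name=value parameters.
MEDIA_TYPE = re.compile(
    rf'^{_TOKEN}/{_TOKEN}(?:\s*;\s*{_TOKEN}=(?:{_TOKEN}|"[^"]*"))*\s*$'
)
# Opening delimiter of an OGNL expression, as in the probe above.
OGNL_OPEN = re.compile(r"[%$]\{")


def content_type_of(raw_request):
    """Return the Content-Type value of a raw HTTP request, or None."""
    head = re.split(r"\r?\n\r?\n", raw_request, maxsplit=1)[0]
    for line in head.splitlines()[1:]:  # skip the request line
        name, sep, value = line.partition(":")
        if sep and name.strip().lower() == "content-type":
            return value.strip()
    return None


def classify(raw_request):
    """Label a request: 'ognl', 'malformed', 'ok' or 'absent'."""
    value = content_type_of(raw_request)
    if value is None:
        return "absent"
    if OGNL_OPEN.search(value):
        return "ognl"
    return "ok" if MEDIA_TYPE.match(value) else "malformed"


# Constructed sample requests; the first carries the probe quoted on this page.
SAMPLES = [
    "POST /upload.action HTTP/1.1\r\nHost: app.example\r\n"
    "Content-Type: %{#context['com.opensymphony.xwork2.dispatcher."
    "HttpServletResponse'].addHeader('vul','vul')}.multipart/form-data\r\n\r\n",
    "POST /upload.action HTTP/1.1\r\nHost: app.example\r\n"
    "Content-Type: multipart/form-data; boundary=----sample7MA4YWxk\r\n\r\n",
    "POST /api HTTP/1.1\r\nHost: app.example\r\n"
    "content-type: multipart/form-data(\r\n\r\n",
    "GET / HTTP/1.1\r\nHost: app.example\r\n\r\n",
]

if __name__ == "__main__":
    for req in SAMPLES:
        print(classify(req), "|", content_type_of(req))
```

The 'malformed' label matters as much as 'ognl': a legitimate upload always sends a well-formed media type, so any value outside the grammar is worth logging or rejecting before it reaches the application.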