Shulou(Shulou.com)06/01 Report--

So this morning, a vulnerability called str2-045has become the focus of discussion, so what on earth is this str2-045s?

The full name of this vulnerability is called: Struts remote code execution vulnerability based on Jakarta plugin plug-in. According to the official evaluation, this vulnerability is a high-risk vulnerability, his vulnerability number is: CVE-2017-5638

So what is this loophole all about?

A malicious user can trigger this vulnerability when uploading a file by modifying the Content-Type value in the HTTP request header to execute system commands.

The exploitation of this loophole is conditional! This vulnerability needs to be remotely exploited to execute code through Jakarta file upload plug-ins.

1. File upload function based on Jakarta (Jakarta Multipart parser) plug-in

two。 The malicious person carefully constructs the value of Content-Type.

This vulnerability mainly appears in the versions of Struts 2.3.5-Struts 2.3.31 Struts 2.5-Struts 2.5.10

Vulnerability description:

Apache Struts 2 has been exposed to exist a remote command execution vulnerability, vulnerability number S2-045CVE number CVE-2017-5638, when using the file upload function based on the Jakarta plug-in, there may be remote command execution, resulting in the system being *.

Vulnerability number:

CVE-2017-5638

Vulnerability name:

Struts remote Code execution vulnerability based on Jakarta plugin plug-in

Official rating:

High risk

Vulnerability description:

A malicious user can trigger this vulnerability when uploading a file by modifying the Content-Type value in the HTTP request header to execute system commands.

Exploit conditions and methods:

* * this vulnerability is remotely exploited to execute code through the Jakarta file upload plug-in.

1. File upload function based on Jakarta (Jakarta Multipart parser) plug-in

two。 The malicious person carefully constructs the value of Content-Type.

Scope of vulnerability impact:

Struts 2.3.5-Struts 2.3.31

Struts 2.5-Struts 2.5.10

Created by Lukasz Lenart, last modified yesterday at 01:14 PM

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.