Network Security Internet Technology Development Database Servers Mobile Phone Android Software Apple Software Computer Software News IT Information

In addition to Weibo, there is also WeChat

Please pay attention

WeChat public account

Shulou

An example Analysis of remote Code execution vulnerability in Apache Struts2

2025-02-24 Update From: SLTechnology News&Howtos shulou NAV: SLTechnology News&Howtos > Internet Technology >

Share

Shulou(Shulou.com)06/01 Report--

Apache Struts2 remote code execution vulnerability example analysis, I believe that many inexperienced people do not know what to do, so this paper summarizes the causes of the problem and solutions, through this article I hope you can solve this problem.

Brief introduction of 0x01 vulnerability

On August 13, 2020, 360CERT Monitoring found that Apache officially issued a risk notice for the Struts2 remote code execution vulnerability, the vulnerability number is CVE-2019-0230, vulnerability level: high risk, vulnerability score: 8.5.

An attacker can construct a malicious OGNL expression and set it to be modified by external input and execute the attribute value of the Struts2 tag of the OGNL expression, causing OGNL expression parsing, resulting in the impact of remote code execution.

In this regard, 360CERT recommends that the majority of users upgrade Apache Struts2 in time to complete vulnerability repair. At the same time, please do a good job of asset self-examination and prevention to avoid hacker attacks.

0x02 risk rating

360CERT's assessment of the vulnerability is as follows

Assessment methods, threat levels, high risk impact areas, extensive 360CERT score 8.5,

0x03 vulnerability details

Apache Struts 2 is an open source web application architecture for developing Java EE web applications. It leverages and extends Java Servlet API to encourage developers to adopt the MVC architecture.

There are three limitations to this vulnerability:

The attribute value of the Struts2 tag executes an OGNL expression

The attribute value of the Struts2 tag can be modified by external input

The attribute value of the Struts2 tag has not been securely verified

Only when the above three conditions are met, an attacker can construct a malicious OGNL expression to affect the execution of remote commands.

0x04 affects version

Apache Struts2:2.0.0-2.5.20

0x05 repair recommendations General patching recommendations:

Upgrade to Struts 2.5.22 or later.

Or turn on ONGL expression injection protection

After reading the above, have you mastered the method of Apache Struts2 remote code execution vulnerability example analysis? If you want to learn more skills or want to know more about it, you are welcome to follow the industry information channel, thank you for reading!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.

Views: 0

*The comments in the above article only represent the author's personal views and do not represent the views and positions of this website. If you have more insights, please feel free to contribute and share.

Share To

Internet Technology

Wechat

© 2024 shulou.com SLNews company. All rights reserved.

12
Report