HomePentest-Tools.com Logo

Apache Struts 2.x <= 2.3.36 commons-fileupload RCE Vulnerability CVE-2016-1000031

Severity
CVSSv3 Score
9.8
Vulnerability description

Apache Struts is prone to a remote code execution (RCE) in a shipped library.

Risk description

There exists a Java Object in the Apache Commons FileUpload library that can be manipulated in such a way that when it is deserialized, it can write or copy files to disk in arbitrary locations. Furthermore, while the Object can be used alone, this new vector can be integrated with ysoserial to upload and execute binaries in a single deserialization call. This may or may not work depending on an applications implementation of the FileUpload library. Apache Struts version 2.3.36 and prior contain the affected Commons FileUpload library.

Recommendation

Update to version 2.5.12 or later.

Codename
Not available
Detectable with
Network Scanner
Scan engine
OpenVAS
Exploitable with Sniper
No
CVE Published
Oct 25, 2016
Detection added at
Software Type
Not available
Vendor
Not available
Product
Not available