Path Traversal and Code Execution Vulnerability in Apache Struts Convention Plugin
CVE-2016-6795

9.8CRITICAL

Key Information:

Vendor
Apache
Status
Apache Struts
Vendor
CVE Published:
20 September 2017

Summary

The Convention plugin in Apache Struts versions prior to 2.3.31 for 2.3.x and prior to 2.5.5 for 2.5.x is susceptible to a critical vulnerability. By crafting a specially designed URL, attackers can exploit this flaw to perform path traversal attacks, potentially leading to the execution of arbitrary code on the server. This vulnerability poses significant risk as it allows unauthorized access to sensitive data and system controls.

Affected Version(s)

Apache Struts 2.3.x before 2.3.31

Apache Struts 2.5.x before 2.5.5

References

http://www.securityfocus.com/bid/93773
vdb-entryx_refsource_BID
https://struts.apache.org/docs/s2-042.html
x_refsource_CONFIRM
https://security.netapp.com/advisory/ntap-20180629-0003/
x_refsource_CONFIRM

EPSS Score

9% chance of being exploited in the next 30 days.

CVSS V3.1

Score:
9.8
Severity:
CRITICAL
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.