CVE-2017-5638
Key Information
- Vendor
- Apache
- Status
- Apache Struts
- Vendor
- CVE Published:
- 11 March 2017
Badges
Summary
The Jakarta Multipart parser in Apache Struts 2 2.3.x before 2.3.32 and 2.5.x before 2.5.10.1 has incorrect exception handling and error-message generation during file-upload attempts, which allows remote attackers to execute arbitrary commands via a crafted Content-Type, Content-Disposition, or Content-Length HTTP header, as exploited in the wild in March 2017 with a Content-Type header containing a #cmd= string.
CISA Reported
CISA provides regional cyber and physical services to support security and resilience across the United States. CISA monitor the most dangerious vulnerabilities and have identifed CVE-2017-5638 as being exploited and is known by the CISA as enabling ransomware campaigns.
The CISA's recommendation is: Apply updates per vendor instructions.
Affected Version(s)
Apache Struts = 2.3.x before 2.3.32
Apache Struts = 2.5.x before 2.5.10.1
Exploit Proof of Concept (PoC)
PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.
EPSS Score
96% chance of being exploited in the next 30 days.
CVSS V3.1
Timeline
- 👾
Exploit exists.
Vulnerability published.
Vulnerability Reserved.