CVE-2017-5638

9.8CRITICAL

Key Information

Vendor: Apache
Status: Apache Struts
Vendor: CVE Published:; 11 March 2017

Badges

👾 Exploit Exists🔴 Public PoC🟣 EPSS 96%

Summary

The Jakarta Multipart parser in Apache Struts 2 2.3.x before 2.3.32 and 2.5.x before 2.5.10.1 has incorrect exception handling and error-message generation during file-upload attempts, which allows remote attackers to execute arbitrary commands via a crafted Content-Type, Content-Disposition, or Content-Length HTTP header, as exploited in the wild in March 2017 with a Content-Type header containing a #cmd= string.

CISA Reported

CISA provides regional cyber and physical services to support security and resilience across the United States. CISA monitor the most dangerious vulnerabilities and have identifed CVE-2017-5638 as being exploited and is known by the CISA as enabling ransomware campaigns.

The CISA's recommendation is: Apply updates per vendor instructions.

Affected Version(s)

Apache Struts = 2.3.x before 2.3.32

Apache Struts = 2.5.x before 2.5.10.1

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.

struts-pwn
Created by mazen160

Struts2-045-Exp
Created by Flyteas

strutszeiro
Created by mthbernardes

EPSS Score

96% chance of being exploited in the next 30 days.

CVSS V3.1

Score:

9.8

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

👾
Exploit exists.
Aug 6, 2024
Vulnerability published.
Mar 11, 2017
Vulnerability Reserved.
Jan 29, 2017

Collectors

NVD DatabaseMitre DatabaseCISA Database66 Proof of Concept(s)