Apache Struts is a free and open-source framework used to build Java web applications.This is not the first remote code execution vulnerability discovered on Apache Struts.
Apache Struts2 official released a security bulletin, the bulletin pointed out that Apache Struts2 Jakarta Multipart parser plug-in, there is a remote code execution vulnerability, vulnerability number CVE-2017-5638.
An attacker could use the plugin to upload a file by modifying the value of the Content-Length header and adding the malicious code to the Content-Disposition value, causing the Remote Code Execution.
This specific vulnerability can be exploited if the attacker sends a crafted request to transfer a file to a vulnerable server that uses a Jakarta-based module to handle the request.
Proof of Concept ‘POC‘:Security experts also examine malicious attack will turn off the firewall on the objective servers and after that drop malicious payloads, for example, IRC bouncers and DDoS bots.
Exploit:From Imperva security, this attack depends on Manipulating header type, we can detect and block the attack before it was mace public by using “Unauthorized Request Content Type” rule.
A proof of concept that shows the attack situation is openly accessible.The attacks originated from 1,323 IP addresses over 40 distinct nations.
Also Read:
An alarming new development emerged in the cybersecurity landscape with the release of a proof-of-concept…
The popular cookie management extension EditThisCookie has been the target of a malicious impersonation. Originally…
A critical vulnerability has been identified in the popular UpdraftPlus: WP Backup & Migration Plugin,…
A recent blog post by developer Jeff Johnson has brought to light a new feature…
BARWM, a novel backdoor attack approach for real-world deep learning (DL) models deployed on mobile…
The researcher proposes a game-theoretic approach to analyze the interaction between the model defender and…