Apache Struts 2 REST plugin XStream RCE S2-052

Impact: High

Description

The REST Plugin of Apache Struts 2 is susceptible to a Remote Code Execution (RCE) vulnerability identified as S2-052. The flaw arises because the plugin's XStreamHandler deserializes request bodies with an XStream instance that performs no type filtering, so any class on the server's classpath can be instantiated from attacker-controlled XML. An attacker can exploit this by submitting a malicious XML payload to a REST endpoint, leading to the execution of arbitrary code on the server.

Recommendation

To mitigate this vulnerability, upgrade to Apache Struts 2.5.13 or 2.3.34, or a newer version.

Last updated on May 13, 2024

This issue is available in SmartScanner Professional