Apache Struts 2 REST plugin XStream RCE S2-052

Description

Apache Struts 2, specifically the REST Plugin, is susceptible to a Remote Code Execution (RCE) vulnerability identified as S2-052. This vulnerability arises due to the use of a XStreamHandler with an instance of XStream for deserialization without adequate type filtering. Attackers can exploit this flaw by submitting malicious XML payloads, leading to the execution of arbitrary code on the server.

Recommendation

To mitigate this vulnerability, it is recommended to upgrade to Apache Struts version 2.5.13, 2.3.34, or newer versions.

References

• S2-052 - Apache Struts 2 Wiki
• Apache Struts
• CVE-2017-9805
• CWE-20
• CWE-78
• CAPEC-88
• CAPEC-310
• OWASP 2021-A3
• OWASP 2021-A6

Related Issues

• Apache Struts 2 RCE S2-045 - CVE-2017-5638
• Apache Struts 2 Forced double OGNL evaluation S2-059 - CVE-2019-0230
• Apache Struts OGNL expression RCE S2-057 - CVE-2018-11776
• Apache Tomcat JSP Upload RCE - CVE-2017-12615, CVE-2017-12617

Tags:

RCE

Struts

Injection