Child pages
  • S2-053

Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Excerpt

A possible Remote Code Execution attack when using an unintentional expression in Freemarker tag instead of string literals


Who should read this

All Struts 2 developers and users

Impact of vulnerability

A RCE attack is possible when developer is using wrong construction in Freemarker tags

Maximum security rating

Moderate

Recommendation

Upgrade to Struts 2.5.12 or Struts 2.3.34

Affected Software

Struts 2.0.

1

0 -

Struts 2

 2.3.33

,

Struts 2.5 - Struts 2.5.10.1

Reporter

Lupin <lupin1314 at gmail dot com> - jd.com security team

David Greene <david at trumpetx dot com>

Roland McIntosh <struts at rgm dot nu>

CVE Identifier

CVE-2017-12611

Problem

When using expression literals or forcing expression in Freemarker tags (see example below) and using request values can lead to RCE attack.

...

Inspect your code and remove vulnerable constructions.