Zero-day detected in Apache Struts 2

2017-03-10

Struts is a popular open-source framework for building Servlet/JSP-based web applications. The vulnerability (CVE-2017-5638) is a remote code execution bug in the Jakarta Multipart parser of Apache Struts 2, which is used for file uploads. It allows an unauthenticated attacker to execute code remotely by sending an HTTP request with a specially crafted Content-Type header value.

The vulnerability is fixed in the latest versions of Apache Struts 2. If you use the Jakarta-based file-upload Multipart parser, upgrade to Apache Struts 2.3.32 or 2.5.10.1 or later.

In the last two days, our web monitoring service Triggerfish has detected an increasing number of attack attempts in which automated scanners probe for affected web pages.

Attacks detected by Triggerfish
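Because the attack rides on a Content-Type value that is not a legitimate media type, a defender can spot scanner traffic by validating that header against the RFC 7231 media-type grammar and flagging expression-language markers. The check below is an added example written for this post, not Triggerfish's code; the capture format ("<client> <method> <path> Content-Type: <value>") and the sample lines are constructed.

```python
import re

# RFC 7231 media-type grammar: type "/" subtype *( OWS ";" OWS token "=" ( token / quoted-string ) ).
# "{", "}", "(", ")" and "=" are not token characters, so an OGNL expression such as
# "%{...}" can never pass as a type/subtype.
_TCHAR = r"[!#$%&'*+\-.^_`|~0-9A-Za-z]"
_TOKEN = rf"{_TCHAR}+"
_QUOTED = r'"(?:[\t\x20\x21\x23-\x5B\x5D-\x7E\x80-\xFF]|\\[\t\x20-\x7E\x80-\xFF])*"'
_MEDIA_TYPE = re.compile(rf"^{_TOKEN}/{_TOKEN}(?:[ \t]*;[ \t]*{_TOKEN}=(?:{_TOKEN}|{_QUOTED}))*$")

# Expression-language markers, checked separately so that a payload tucked into a
# grammatically valid quoted parameter value (e.g. a boundary) is still flagged.
_EXPR_MARKERS = re.compile(r"[%$]\{|\(#")


def classify_content_type(value: str) -> str:
    """Return "ok", "malformed" or "expression-injection" for a Content-Type header value."""
    value = value.strip()
    if _EXPR_MARKERS.search(value):
        return "expression-injection"
    if not _MEDIA_TYPE.match(value):
        return "malformed"
    return "ok"


# Constructed capture format (hypothetical, not Triggerfish's): "<client> <method> <path> Content-Type: <value>"
_LOG_LINE = re.compile(r"^(\S+) (\S+) (\S+) Content-Type: (.*)$")


def scan_log(lines):
    """Return (client, method, path, verdict, header) for each request whose Content-Type is not clean."""
    findings = []
    for line in lines:
        m = _LOG_LINE.match(line)
        if not m:
            continue  # not a header capture line; ignore
        client, method, path, ctype = m.groups()
        verdict = classify_content_type(ctype)
        if verdict != "ok":
            findings.append((client, method, path, verdict, ctype))
    return findings


# Constructed sample capture; the "%{...}" / "${...}" values are placeholders, not working payloads.
SAMPLE_LOG = [
    "203.0.113.5 POST /struts2-showcase/upload.action Content-Type: multipart/form-data; boundary=----WebKitFormBoundary7MA4YWxkTrZu0gW",
    "203.0.113.9 GET /index.action Content-Type: %{(#constructed_placeholder)}",
    "198.51.100.2 POST /api/login Content-Type: application/json; charset=utf-8",
    '198.51.100.7 POST /index.action Content-Type: multipart/form-data; boundary="${(#constructed_placeholder)}"',
    "192.0.2.14 GET /index.action Content-Type: text/plain; charset",
]

if __name__ == "__main__":
    for client, method, path, verdict, ctype in scan_log(SAMPLE_LOG):
        print(f"{verdict:20} {client:14} {method} {path}  Content-Type: {ctype}")
```

A "malformed" verdict on its own is only a weak signal (broken clients exist), but "expression-injection" against a Struts endpoint is worth an alert and a check that the host runs a fixed version.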
