Apache Struts CVE-2017-5638 Remote Code Execution Vulnerability

Apache Struts is prone to a remote code-execution vulnerability.

Successfully exploiting this issue may allow an attacker to execute arbitrary code in the context of the affected application.

Apache Struts 2.3.5 through 2.3.31 and 2.5 through 2.5.10 are vulnerable.


Bugtraq ID: 96729
Class: Input Validation Error
CVE: CVE-2017-5638

Remote: Yes
Local: No
Published: Mar 06 2017 12:00AM
Updated: Apr 19 2017 07:05PM
Credit: Nike Zheng
Vulnerable: VMWare vRealize Operations Manager (vROps) 6.0
VMWare vRealize Hyperic 5.0
VMWare vCenter Server 6.5
VMWare vCenter Server 6.0
VMWare Horizon Desktop as-a-Service Platform (DaaS) 7.0
VMWare Horizon Desktop as-a-Service Platform (DaaS) 6.0
Oracle WebCenter Sites 11.1.1 8.0
Oracle WebCenter Sites
Oracle WebCenter Sites
Oracle WebCenter Sites
IBM Connections 5.5
IBM Connections 5.0
IBM Connections 4.5
IBM Connections 4.0
Huawei SMSGW V100R003C01
Huawei SMSGW V100R002C11
Huawei SMSGW V100R002C01
Huawei Secospace AntiDDoS8030 V100R001C00
Huawei iManager NetEco 6000 V600R007C91
Huawei iManager NetEco 6000 V600R007C90
Huawei iManager NetEco 6000 V600R007C80
Huawei iManager NetEco V600R008C20
Huawei iManager NetEco V600R008C10
Huawei iManager NetEco V600R008C00
Huawei iManager NetEco V600R007C60SPC100
Huawei iManager NetEco V600R007C50
Huawei iManager NetEco V600R007C11
Huawei eSpace ECS V300R001C00
Huawei eSpace ECS V200R003C10
Huawei eSpace ECS V200R003C00
Huawei eSpace ECS V200R002C00
HP Universal CMDB Foundation Software 10.22 CUP5
Cisco Unity Connection 0
Cisco Unified SIP Proxy Software 0
Cisco Unified Intelligent Contact Management Enterprise 0
Cisco Unified Contact Center Enterprise 0
Cisco Unified Communications Manager Session Management Edition 0
Cisco Unified Communications Manager IM & Presence Service 0
Cisco Unified Communications Manager -
Cisco Prime Service Catalog Appliance and Virtual Appliance 0
Cisco Identity Services Engine (ISE) 0
Cisco Emergency Responder
Atlassian HipChat Server 2.0
Atlassian Crowd 2.11
Atlassian Crowd 2.10.1
Atlassian Crowd 2.9.5
Atlassian Crowd 2.9.4
Atlassian Crowd 2.9.3
Atlassian Crowd 2.9.2
Atlassian Crowd 2.9.1
Atlassian Crowd 2.9
Atlassian Crowd 2.8.8
Atlassian Crowd 2.8.3
Atlassian Bamboo 5.15
Atlassian Bamboo 5.12
Atlassian Bamboo 5.11
Atlassian Bamboo 5.10
Atlassian Bamboo 5.1
Atlassian Bamboo
Atlassian Bamboo
Apache Struts 2.3.31
Apache Struts 2.3.30
Apache Struts 2.3.28
Apache Struts 2.3.24
Apache Struts 2.3.5
Apache Struts 2.5.8
Apache Struts 2.5.7
Apache Struts 2.5.5
Apache Struts 2.5.2
Apache Struts 2.5.10
Apache Struts 2.5.1
Apache Struts 2.5
Apache Struts 2.3.8
Apache Struts 2.3.7
Apache Struts 2.3.29
Apache Struts 2.3.20
Apache Struts 2.3.16
Apache Struts 2.3.15
Apache Struts 2.3.14
Apache Struts 2.3.12

Not Vulnerable: VMWare vCenter Server 6.5b
Atlassian HipChat Server 2.2.2
Atlassian Crowd 2.11.1
Atlassian Crowd 2.10.3
Atlassian Crowd 2.9.7
Atlassian Bamboo 5.15.3
Atlassian Bamboo 5.14.5
Apache Struts
Apache Struts 2.3.32


The researcher has created a proof-of-concept to demonstrate the issue. Please see the references for more information.
The following exploit is available:

Related Posts