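Critical: Apache Struts2 2.3.5 ~ 2.3.31, 2.5 ~ 2.5.10 remote command execution vulnerability S2-046/S2-045 (CVE-2017-5638)
CVE ID: CVE-2017-5638
Exploitation status: Weaponized
Patch status: Official patch
Disclosure date: 2017-03-11

Vulnerability description
Apache Struts is an open-source framework for building enterprise Java web applications. Apache Struts2 is affected by the S2-045/S2-046 remote code execution vulnerability. A remote attacker who exploits it can directly take control of the web server.

Remediation
Apache Struts has fixed this vulnerability in its newly released versions. Users of the Jakarta Multipart parser module are advised to upgrade to Apache Struts 2.3.32 or 2.5.10.1: https://cwiki.apache.org/confluence/display/WW/S2-045

Affected software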
Runs in the following environments:

Type | Vendor | Product | Version | Impact scope |
---|---|---|---|---|
Application | apache | struts | 2.3.10 | - |
Application | apache | struts | 2.3.11 | - |
Application | apache | struts | 2.3.12 | - |
Application | apache | struts | 2.3.13 | - |
Application | apache | struts | 2.3.14 | - |
Application | apache | struts | 2.3.14.1 | - |
Application | apache | struts | 2.3.14.2 | - |
Application | apache | struts | 2.3.14.3 | - |
Application | apache | struts | 2.3.15 | - |
Application | apache | struts | 2.3.15.1 | - |
Application | apache | struts | 2.3.15.2 | - |
Application | apache | struts | 2.3.15.3 | - |
Application | apache | struts | 2.3.16 | - |
Application | apache | struts | 2.3.16.1 | - |
Application | apache | struts | 2.3.16.2 | - |
Application | apache | struts | 2.3.16.3 | - |
Application | apache | struts | 2.3.17 | - |
Application | apache | struts | 2.3.19 | - |
Application | apache | struts | 2.3.20 | - |
Application | apache | struts | 2.3.20.1 | - |
Application | apache | struts | 2.3.20.2 | - |
Application | apache | struts | 2.3.20.3 | - |
Application | apache | struts | 2.3.21 | - |
Application | apache | struts | 2.3.22 | - |
Application | apache | struts | 2.3.23 | - |
Application | apache | struts | 2.3.24 | - |
Application | apache | struts | 2.3.24.1 | - |
Application | apache | struts | 2.3.24.2 | - |
Application | apache | struts | 2.3.24.3 | - |
Application | apache | struts | 2.3.25 | - |
Application | apache | struts | 2.3.26 | - |
Application | apache | struts | 2.3.27 | - |
Application | apache | struts | 2.3.28 | - |
Application | apache | struts | 2.3.28.1 | - |
Application | apache | struts | 2.3.29 | - |
Application | apache | struts | 2.3.30 | - |
Application | apache | struts | 2.3.31 | - |
Application | apache | struts | 2.3.5 | - |
Application | apache | struts | 2.3.6 | - |
Application | apache | struts | 2.3.7 | - |
Application | apache | struts | 2.3.8 | - |
Application | apache | struts | 2.3.9 | - |
Application | apache | struts | 2.5 | - |
Application | apache | struts | 2.5.1 | - |
Application | apache | struts | 2.5.10 | - |
Application | apache | struts | 2.5.2 | - |
Application | apache | struts | 2.5.3 | - |
Application | apache | struts | 2.5.4 | - |
Application | apache | struts | 2.5.5 | - |
Application | apache | struts | 2.5.6 | - |
Application | apache | struts | 2.5.7 | - |
Application | apache | struts | 2.5.8 | - |
Application | apache | struts | 2.5.9 | - |
System | debian | DPKG | * | Up to (excluding) 0 |

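- Attack vector: Remote
- Attack complexity: Easy
- Privileges required: None
- Scope of impact: Global
- Exploit maturity: Weaponized
- Patch status: Official patch
- Data confidentiality: Data leakage
- Data integrity: Transmission compromised
- Server impact: Server compromise
- Internet-wide count: N/A

CWE-ID | Vulnerability type |
---|---|
CWE-20 | Improper Input Validation |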
