Attackers take advantage of Apache Struts vulnerabilities

Last week, a new and critical flaw in the Apache Struts Web application framework was reported by the developers. According to security researchers, the vulnerability affects a disproportionate number of high-impact websites.

An unauthenticated attacker can easily execute a code in the affected system simply by creating a specially crafted content type HTTP header.

Since last thursday, AlienVault has observed high number of attackers who try to exploit the vulnerability.

More than 400 unique sources are feared to have attempted to exploit the Apache Struts vulnerabilities.

In order to contain the situation AlienVault Labs team have created a Pulse in the OTX with the collection of payloads that are being delivered.

Since so many active threats are plaguing and exploiting the struts, AlienVault recommends their users to upgrade their Apache Struts version as soon as possible.

The vulnerable versions of Apache Struts are:

Struts 2.3.5 - Struts 2.3.31

Struts 2.5 - Struts 2.5.10

Upgrading to the following versions resolves the vulnerability:

Struts 2.3.32

Struts 2.5.10.1

Tag : Apache
FAQ
Q
What does Apache Struts do?
A
Apache Struts 2. ... Apache Struts 2 is an open-source web application framework for developing Java EE web applications. It uses and extends the Java Servlet API to encourage developers to adopt a model–view–controller (MVC) architecture.
Q
What is RCE vulnerability?
A
Remote Code Execution (RCE) The best way to protect a computer from a remote code execution vulnerability is to fix holes that allow an attacker to gain access. Microsoft often releases security patches addressing remote code execution vulnerabilities in its monthly Patch Tuesday fixes.
Q
How do I check struts version?
A
For windows OS
Open file explorer, search for struts*.jar.
Open struts-core.jar with a unzip tool (e.g. IZArc2Go)
Open META-INF folder and open MANIFEST.MF file with a text editor.
There you will find Specification-Version: with the version number.
Q
What is Apache Struts framework?
A
Apache Struts. Apache Struts is a free, open-source, MVC framework for creating elegant, modern Java web applications. It favors convention over configuration, is extensible using a plugin architecture, and ships with plugins to support REST, AJAX and JSON.
Q
What is Apache Struts CVE 2017 5638?
A
Apache Struts is a framework for building Web applications. Apache Struts is prone to a remote code-execution vulnerability. Specifically, this issue affects the Jakarta based file upload Multipart parser. An attacker can exploit this issue through a malicious Content-Type value.