Vulnerability Details : CVE-2016-3087
Public exploit exists!
Apache Struts 2.3.19 to 2.3.20.2, 2.3.21 to 2.3.24.1, and 2.3.25 to 2.3.28, when Dynamic Method Invocation is enabled, allow remote attackers to execute arbitrary code via vectors related to an ! (exclamation mark) operator to the REST Plugin.
Vulnerability category: Input validation, Execute code
Exploit prediction scoring system (EPSS) score for CVE-2016-3087
52.29%
Probability of exploitation activity in the next 30 days
EPSS Score History
~98%
Percentile: the proportion of vulnerabilities that are scored at or below this EPSS score
Metasploit modules for CVE-2016-3087
- Apache Struts REST Plugin With Dynamic Method Invocation Remote Code Execution
  Disclosure Date: 2016-06-01
  First seen: 2020-04-26
  Module: exploit/multi/http/struts_dmi_rest_exec
  This module exploits a remote command execution vulnerability in Apache Struts version between 2.3.20 and 2.3.28 (except 2.3.20.2 and 2.3.24.2). Remote Code Execution can be performed when using REST Plugin with ! operator when Dynamic Method Invocation is enabled.
CVSS scores for CVE-2016-3087
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen
---|---|---|---|---|---|---
7.5 | HIGH | AV:N/AC:L/Au:N/C:P/I:P/A:P | 10.0 | 6.4 | NIST | 
9.8 | CRITICAL | CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | 3.9 | 5.9 | NIST | 
CWE ids for CVE-2016-3087
- The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
  Assigned by: nvd@nist.gov (Primary)
References for CVE-2016-3087
- http://www.securitytracker.com/id/1036017
  Apache Struts REST Plugin Lets Remote Users Execute Arbitrary Code on the Target System (SecurityTracker)
- http://www-01.ibm.com/support/docview.wss?uid=swg21987854
  IBM Security Bulletin: Multiple Vulnerabilities in Struts v2 affect IBM Opportunity Detect
- https://www.exploit-db.com/exploits/39919/
  Apache Struts - REST Plugin With Dynamic Method Invocation Remote Code Execution (Metasploit)
- http://struts.apache.org/docs/s2-033.html
  S2-033 - DEPRECATED: Apache Struts 2 Documentation - Apache Software Foundation (Vendor Advisory)
- http://www.securityfocus.com/bid/90960
  Apache Struts CVE-2016-3087 Remote Code Execution Vulnerability
Products affected by CVE-2016-3087
- cpe:2.3:a:apache:struts:2.3.20:*:*:*:*:*:*:*
- cpe:2.3:a:apache:struts:2.3.20.1:*:*:*:*:*:*:*
- cpe:2.3:a:apache:struts:2.3.24:*:*:*:*:*:*:*
- cpe:2.3:a:apache:struts:2.3.24.1:*:*:*:*:*:*:*
- cpe:2.3:a:apache:struts:2.3.28:*:*:*:*:*:*:*