Vulnerability Details : CVE-2017-9791
Public exploit exists!
The Struts 1 plugin in Apache Struts 2.1.x and 2.3.x might allow remote code execution via a malicious field value passed in a raw message to the ActionMessage.
Vulnerability category: Execute code
Products affected by CVE-2017-9791
- cpe:2.3:a:apache:struts:2.3.4:*:*:*:*:*:*:*
- cpe:2.3:a:apache:struts:2.3.1.2:*:*:*:*:*:*:*
- cpe:2.3:a:apache:struts:2.3.3:*:*:*:*:*:*:*
- cpe:2.3:a:apache:struts:2.3.1:*:*:*:*:*:*:*
- cpe:2.3:a:apache:struts:2.3.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:apache:struts:2.3.14.3:*:*:*:*:*:*:*
- cpe:2.3:a:apache:struts:2.3.8:*:*:*:*:*:*:*
- cpe:2.3:a:apache:struts:2.3.4.1:*:*:*:*:*:*:*
- cpe:2.3:a:apache:struts:2.3.7:*:*:*:*:*:*:*
- cpe:2.3:a:apache:struts:2.3.15:*:*:*:*:*:*:*
- cpe:2.3:a:apache:struts:2.3.14.1:*:*:*:*:*:*:*
- cpe:2.3:a:apache:struts:2.3.14:*:*:*:*:*:*:*
- cpe:2.3:a:apache:struts:2.3.12:*:*:*:*:*:*:*
- cpe:2.3:a:apache:struts:2.3.14.2:*:*:*:*:*:*:*
- cpe:2.3:a:apache:struts:2.3.15.1:*:*:*:*:*:*:*
- cpe:2.3:a:apache:struts:2.3.15.3:*:*:*:*:*:*:*
- cpe:2.3:a:apache:struts:2.3.16:*:*:*:*:*:*:*
- cpe:2.3:a:apache:struts:2.3.16.1:*:*:*:*:*:*:*
- cpe:2.3:a:apache:struts:2.3.16.2:*:*:*:*:*:*:*
- cpe:2.3:a:apache:struts:2.3.15.2:*:*:*:*:*:*:*
- cpe:2.3:a:apache:struts:2.3.16.3:*:*:*:*:*:*:*
- cpe:2.3:a:apache:struts:2.3.20:*:*:*:*:*:*:*
- cpe:2.3:a:apache:struts:2.3.20.1:*:*:*:*:*:*:*
- cpe:2.3:a:apache:struts:2.3.24:*:*:*:*:*:*:*
- cpe:2.3:a:apache:struts:2.3.24.1:*:*:*:*:*:*:*
- cpe:2.3:a:apache:struts:2.3.20.3:*:*:*:*:*:*:*
- cpe:2.3:a:apache:struts:2.3.28:*:*:*:*:*:*:*
- cpe:2.3:a:apache:struts:2.3.24.3:*:*:*:*:*:*:*
- cpe:2.3:a:apache:struts:2.3.28.1:*:*:*:*:*:*:*
- cpe:2.3:a:apache:struts:2.3.29:*:*:*:*:*:*:*
- cpe:2.3:a:apache:struts:2.3.30:*:*:*:*:*:*:*
- cpe:2.3:a:apache:struts:2.3.31:*:*:*:*:*:*:*
- cpe:2.3:a:apache:struts:2.3.32:*:*:*:*:*:*:*
CVE-2017-9791 is in the CISA Known Exploited Vulnerabilities Catalog
CISA vulnerability name:
Apache Struts 1 Improper Input Validation Vulnerability
CISA required action:
Apply updates per vendor instructions.
CISA description:
The Struts 1 plugin in Apache Struts might allow remote code execution via a malicious field value passed in a raw message to the ActionMessage.
Notes:
https://nvd.nist.gov/vuln/detail/CVE-2017-9791
Added on
2022-02-10
Action due date
2022-08-10
Exploit prediction scoring system (EPSS) score for CVE-2017-9791
94.26%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 100 %
Percentile, the proportion of vulnerabilities that are scored at or less
Metasploit modules for CVE-2017-9791
-
Apache Struts 2 Struts 1 Plugin Showcase OGNL Code Execution
Disclosure Date: 2017-07-07First seen: 2020-04-26exploit/multi/http/struts2_code_exec_showcaseThis module exploits a remote code execution vulnerability in the Struts Showcase app in the Struts 1 plugin example in Struts 2.3.x series. Remote Code Execution can be performed via a malicious field value. Authors: - icez <ic3z at qq dot com> - Nixawk - xfer0
CVSS scores for CVE-2017-9791
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
|---|---|---|---|---|---|---|
|
7.5
|
HIGH | AV:N/AC:L/Au:N/C:P/I:P/A:P |
10.0
|
6.4
|
NIST | |
|
9.8
|
CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
3.9
|
5.9
|
134c704f-9b21-4f2e-91b3-4a467353bcc0 | 2025-02-06 |
|
9.8
|
CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
3.9
|
5.9
|
NIST |
CWE ids for CVE-2017-9791
-
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.Assigned by:
- 134c704f-9b21-4f2e-91b3-4a467353bcc0 (Secondary)
- nvd@nist.gov (Primary)
References for CVE-2017-9791
-
http://www.securitytracker.com/id/1038838
Apache Struts Bug in 'Struts 1 Plugin' Lets Remote Users Execute Arbitrary Code on the Target System - SecurityTrackerThird Party Advisory;VDB Entry
-
http://www.oracle.com/technetwork/security-advisory/alert-cve-2017-9805-3889403.html
Oracle Security Alert CVE-2017-9805Patch;Third Party Advisory
-
http://www.securityfocus.com/bid/99484
Apache Struts CVE-2017-9791 Remote Code Execution VulnerabilityThird Party Advisory;VDB Entry
-
http://struts.apache.org/docs/s2-048.html
S2-048 - DEPRECATED: Apache Struts 2 Documentation - Apache Software FoundationMitigation;Vendor Advisory
-
https://www.exploit-db.com/exploits/44643/
Apache Struts 2 - Struts 1 Plugin Showcase OGNL Code Execution (Metasploit)Third Party Advisory;VDB Entry
-
https://security.netapp.com/advisory/ntap-20180706-0002/
July 2017 Apache Struts Vulnerabilities in NetApp Products | NetApp Product SecurityThird Party Advisory
-
https://www.exploit-db.com/exploits/42324/
Apache Struts 2.3.x Showcase - Remote Code ExecutionThird Party Advisory;VDB Entry
Jump to