Apache Struts versions 2.3 to 2.3.34 and 2.5 to 2.5.16 suffer from possible Remote Code Execution when alwaysSelectFullNamespace is true (either by user or a plugin like Convention Plugin) and then: results are used with no namespace and in same time, its upper package have no or wildcard namespace and similar to results, same possibility when using url tag which doesn't have value and action set and in same time, its upper package have no or wildcard namespace.
Published 2018-08-22 13:29:01
Updated 2024-07-25 14:48:57
View at NVD,   CVE.org
Vulnerability category: Execute code

Products affected by CVE-2018-11776

CVE-2018-11776 is in the CISA Known Exploited Vulnerabilities Catalog

CISA vulnerability name:
Apache Struts Remote Code Execution Vulnerability
CISA required action:
Apply updates per vendor instructions.
CISA description:
Apache Struts contains a vulnerability that allows for remote code execution under two circumstances. One, where the alwaysSelectFullNamespace option is true and the value isn't set for a result defined in underlying configurations and in same time, its upper package configuration have no or wildcar
Notes:
https://nvd.nist.gov/vuln/detail/CVE-2018-11776
Added on 2021-11-03 Action due date 2022-05-03

Exploit prediction scoring system (EPSS) score for CVE-2018-11776

97.33%
Probability of exploitation activity in the next 30 days EPSS Score History
~ 100 %
Percentile, the proportion of vulnerabilities that are scored at or less

Metasploit modules for CVE-2018-11776

  • Apache Struts 2 Namespace Redirect OGNL Injection
    Disclosure Date: 2018-08-22
    First seen: 2020-04-26
    exploit/multi/http/struts2_namespace_ognl
    This module exploits a remote code execution vulnerability in Apache Struts version 2.3 - 2.3.4, and 2.5 - 2.5.16. Remote Code Execution can be performed via an endpoint that makes use of a redirect action. Note that this exploit is dependant on the version of Tomca

CVSS scores for CVE-2018-11776

Base Score Base Severity CVSS Vector Exploitability Score Impact Score Score Source First Seen
9.3
HIGH AV:N/AC:M/Au:N/C:C/I:C/A:C
8.6
10.0
NIST
8.1
HIGH CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
2.2
5.9
NIST
8.1
HIGH CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
2.2
5.9
NIST 2024-07-25

References for CVE-2018-11776

Jump to
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!