← back
CVE-2012-0391

CVE-2012-0391

CVSS 9.8 CRITICALEPSS 75.1%● KEVCWE-94
Vexday Risk Score
100Fix now
SSVC decision (CISA)
Act
Exploitation + impact → act immediately
CVSS 9.8EPSS 75.1%KEV simPoC públicaNuclei Metasploit simPatch
Lifecycle
06 Jan 2012Metasploit module available
06 Jan 2012Public PoC
08 Jan 2012Published on NVD
21 Jan 2022Active exploitation (CISA KEV)
Recommendation: Patch as soon as possible — active exploitation confirmed.
In short

Apache Struts improperly processes user input as code during error handling, allowing attackers to execute arbitrary Java commands on the server. This is a critical vulnerability that can completely compromise the affected system.

Technical detail

The ExceptionDelegator in Apache Struts < 2.2.3.1 evaluates parameter values as OGNL expressions during exception handling triggered by type mismatches, enabling remote code execution without authentication. An attacker can craft parameters that exploit this expression language evaluation to execute arbitrary Java code with server privileges.

Summary generated and translated by AI from the official description.
The ExceptionDelegator component in Apache Struts before 2.2.3.1 interprets parameter values as OGNL expressions during certain exception handling for mismatched data types of properties, which allows remote attackers to execute arbitrary Java code via a crafted parameter.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected products
n/a · n/a
public PoCs found3
cve_referencewww.exploit-db.com/exploits/18329unverifiedexploitdbwww.exploit-db.com/exploits/18984unverifiedexploitdbwww.exploit-db.com/exploits/18329unverified
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://archives.neohapsis.com/archives/bugtraq/2012-01/0031.htmlhttp://secunia.com/advisories/47393https://issues.apache.org/jira/browse/WW-3668http://struts.apache.org/2.x/docs/s2-008.htmlhttp://struts.apache.org/2.x/docs/version-notes-2311.htmlhttps://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2012-0391https://www.sec-consult.com/files/20120104-0_Apache_Struts2_Multiple_Critical_Vulnerabilities.txthttp://www.exploit-db.com/exploits/18329