CVE-2012-0392

EPSS 96.8%

Vexday Risk Score

60Attention

SSVC decision (CISA)

Attend

PoC available → attend closely

CVSS —EPSS 96.8%KEV nãoPoC públicaNuclei simMetasploit —Patch —

Lifecycle

06 Jan 2012Public PoC

08 Jan 2012Published on NVD

Recommendation: Plan a near-term fix — a public PoC already exists.

The CookieInterceptor component in Apache Struts before 2.3.1.1 does not use the parameter-name whitelist, which allows remote attackers to execute arbitrary commands via a crafted HTTP Cookie header that triggers Java code execution through a static method.

Affected products

n/a · n/a

public PoCs found — 2

cve_referencewww.exploit-db.com/exploits/18329unverified exploitdbwww.exploit-db.com/exploits/18329unverified

⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

http://archives.neohapsis.com/archives/bugtraq/2012-01/0031.html http://secunia.com/advisories/47393 https://lists.immunityinc.com/pipermail/dailydave/2012-January/000011.html http://struts.apache.org/2.x/docs/s2-008.html http://struts.apache.org/2.x/docs/version-notes-2311.html https://www.sec-consult.com/files/20120104-0_Apache_Struts2_Multiple_Critical_Vulnerabilities.txt http://www.exploit-db.com/exploits/18329