Описание
Path Traversal in Apache Struts
In Apache Struts 2.3.x before 2.3.31, and 2.5.x before 2.5.5, it is possible to prepare a special URL which will be used for path traversal and execution of arbitrary code on server side. This vulnerability is only exploitable when using the Struts 2 Convention plugin in conjunction with Apache Struts.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2016-6795
- https://github.com/apache/struts/commit/8e67b9144aa643769b261e2492cb561e04d016ab
- https://github.com/apache/struts/commit/c1869f4989942dd33fa4e189e0ac1f766fb5ac14
- https://security.netapp.com/advisory/ntap-20180629-0003
- https://struts.apache.org/docs/s2-042.html
- https://web.archive.org/web/20200227214705/http://www.securityfocus.com/bid/93773
Пакеты
org.apache.struts:struts2-convention-plugin
>= 2.3.0, < 2.3.31
2.3.31
org.apache.struts:struts2-convention-plugin
>= 2.5.0, < 2.5.5
2.5.5
Связанные уязвимости
In the Convention plugin in Apache Struts 2.3.x before 2.3.31, and 2.5.x before 2.5.5, it is possible to prepare a special URL which will be used for path traversal and execution of arbitrary code on server side.
In the Convention plugin in Apache Struts 2.3.x before 2.3.31, and 2.5.x before 2.5.5, it is possible to prepare a special URL which will be used for path traversal and execution of arbitrary code on server side.
In the Convention plugin in Apache Struts 2.3.x before 2.3.31, and 2.5 ...