CVE-2012-0392 Scanner
Detects the 'Remote Code Execution (RCE)' vulnerability in Apache Struts that affects versions before 2.3.1.1.
Short Info
Level: Medium
Type: Single Scan
Can be used by: Asset Owner
Estimated Time: 15 sec
Scan only one: Url
Parent Category:
CVE-2012-0392 Scanner Detail
Apache Struts is an open-source web application framework written in Java. Its purpose is to build elegant, modern, and maintainable web applications. It is widely used because of features such as its Model-View-Controller architecture, templates, and validators. It also provides server-side facilities such as CSRF protection, input validation, and type conversion.
A serious vulnerability was detected in Apache Struts, known as CVE-2012-0392. The CookieInterceptor component in Apache Struts before version 2.3.1.1 did not apply the parameter-name whitelist to cookie names. This allowed remote attackers to execute arbitrary commands via a crafted HTTP Cookie header that triggers Java code execution through a static method. An attacker could therefore exploit the vulnerability simply by sending requests that contain specially crafted cookies.
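As an added illustration (not code from the scanner or from the Struts project), this Python snippet shows the kind of allowlist check that a patched CookieInterceptor applies to cookie names before they are mapped onto action properties; the accepted-name regex is an assumption modelled on the pattern Struts uses for request parameters, and the cookie headers are constructed samples.

```python
import re

# Characters a cookie name may contain before it is used as a property name.
# Assumption: modelled on the accepted-parameter-name pattern in Struts; the
# project's exact regex may differ. Anything else (e.g. '@', '#', spaces) is
# rejected rather than handed to the expression evaluator.
ACCEPTED_NAME = re.compile(r"[A-Za-z0-9_.'\[\]()]+")


def parse_cookie_header(header):
    """Split a raw Cookie header value into (name, value) pairs.

    Odd names are kept intact so they can be checked, not silently dropped.
    """
    pairs = []
    for chunk in header.split(";"):
        chunk = chunk.strip()
        if not chunk:
            continue
        name, _, value = chunk.partition("=")
        pairs.append((name.strip(), value))
    return pairs


def rejected_cookie_names(header):
    """Return the cookie names that fail the allowlist.

    A patched interceptor skips these; an unpatched one used them as-is.
    """
    return [name for name, _ in parse_cookie_header(header)
            if not ACCEPTED_NAME.fullmatch(name)]


def filter_cookies(header):
    """Return only the cookies whose names pass the allowlist."""
    return [(name, value) for name, value in parse_cookie_header(header)
            if ACCEPTED_NAME.fullmatch(name)]


if __name__ == "__main__":
    # Constructed sample: two ordinary cookies and two with disallowed names.
    sample = "JSESSIONID=abc123; theme=dark; bad@name=1; x y=2"
    print("rejected:", rejected_cookie_names(sample))
    print("accepted:", filter_cookies(sample))
```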
This vulnerability can lead to a chain of malicious operations. When exploited, an attacker could potentially execute arbitrary code on the target system, access sensitive information, or even gain complete control of the affected system. Attackers could steal confidential data such as personally identifiable information (PII), user credentials, or intellectual property. Additionally, an attacker could install malware or use the system as a bot to launch a Distributed Denial of Service (DDoS) attack.
Finally, thanks to the pro features of the securityforeveryone.com platform, those who read this article can easily and quickly learn about vulnerabilities in their digital assets. They can schedule regular vulnerability scans or even penetration testing to identify potential security breaches early. With this advanced level of security offered by securityforeveryone.com, companies can protect their confidential and sensitive data from malicious attackers.
REFERENCES
- Exploit-DB: 18329
- archives.neohapsis.com: 20120105 SEC Consult SA-20120104-0 :: Multiple critical vulnerabilities in Apache Struts2
- Apache Struts: http://struts.apache.org/2.x/docs/version-notes-2311.html
- Apache Struts: http://struts.apache.org/2.x/docs/s2-008.html
- SEC Consult: https://www.sec-consult.com/files/20120104-0_Apache_Struts2_Multiple_Critical_Vulnerabilities.txt
- lists.immunityinc.com: [dailydave] 20120106 Apache Struts
- Secunia: 47393