Public exploit available

Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2007-4556 — Improper Input Validation in Xwork

CWE-20 — Improper Input Validation5 documents5 sources

Severity

6.8MEDIUMNVD

EPSS

2.1%

top 15.88%

CISA KEV

Not in KEV

Exploit

PoC available

Public exploit / PoC exists

Affected products

Opensymphony Xwork

Timeline

PublishedAug 28

Latest updateMay 1

Description

Struts support in OpenSymphony XWork before 1.2.3, and 2.x before 2.0.4, as used in WebWork and Apache Struts, recursively evaluates all input as an Object-Graph Navigation Language (OGNL) expression when altSyntax is enabled, which allows remote attackers to cause a denial of service (infinite loop) or execute arbitrary code via form input beginning with a "%{" sequence and ending with a "}" character.

CVSS vector

AV:N/AC:M/C:P/I:P/A:PExploitability: 8.6 | Impact: 6.4

Affected Packages1 packages

▶NVDopensymphony/xwork2.0.0 — 2.0.4+1

Patches

Patch: forums.opensymphony.com ↗Patch: struts.apache.org ↗Patch: forums.opensymphony.com ↗

🔴Vulnerability Details

GHSA

OpenSymphony XWork vulnerable to improper input validation↗2022-05-01

▶

OSV

OpenSymphony XWork vulnerable to improper input validation↗2022-05-01

▶

CVEList

CVE-2007-4556: Struts support in OpenSymphony XWork before 1↗2007-08-28

▶

💥Exploits & PoCs

Nuclei

OpenSymphony XWork/Apache Struts2 - Remote Code Execution

▶