Public exploit available

Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2016-3081 — Command Injection in Apache Struts

CWE-77 — Command Injection7 documents7 sources

Severity

8.1HIGHNVD

EPSS

94.0%

top 0.11%

CISA KEV

Not in KEV

Exploit

PoC available

Public exploit / PoC exists

Affected products

Apache Struts Oracle Siebel E-billing

Timeline

PublishedApr 26

Latest updateMay 14

Description

Apache Struts 2.3.19 to 2.3.20.2, 2.3.21 to 2.3.24.1, and 2.3.25 to 2.3.28, when Dynamic Method Invocation is enabled, allow remote attackers to execute arbitrary code via method: prefix, related to chained expressions.

CVSS vector

CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 2.2 | Impact: 5.9

Affected Packages2 packages

▶NVDapache/struts56 versions+55

▶NVDoracle/siebel_e-billing7.1

Patches

Patch: www.oracle.com ↗Patch: struts.apache.org ↗Patch: www.oracle.com ↗

🔴Vulnerability Details

GHSA

Apache Struts RCE Vulnerability↗2022-05-14

▶

OSV

Apache Struts RCE Vulnerability↗2022-05-14

▶

CVEList

CVE-2016-3081: Apache Struts 2↗2016-04-26

▶

💥Exploits & PoCs

Exploit-DB

Apache Struts - Dynamic Method Invocation Remote Code Execution (Metasploit)↗2016-05-02

▶

Nuclei

Apache S2-032 Struts - Remote Code Execution

▶

💬Community

Bugzilla

CVE-2016-3081 Struts2: RCE via method: prefix when Dynamic Method Invocation is enabled (S2-032)↗2016-04-27

▶