Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).
CVE-2021-31805
Severity
9.8CRITICAL
EPSS
94.0%
top 0.11%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
Timeline
PublishedApr 12
Latest updateJan 15
Description
The fix issued for CVE-2020-17530 was incomplete. So from Apache Struts 2.0.0 to 2.5.29, still some of the tag’s attributes could perform a double evaluation if a developer applied forced OGNL evaluation by using the %{...} syntax. Using forced OGNL evaluation on untrusted user input can lead to a Remote Code Execution and security degradation.
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 3.9 | Impact: 5.9
Affected Packages3 packages
Patches
🔴Vulnerability Details
4💥Exploits & PoCs
1Nuclei▶
Apache Struts2 S2-062 - Remote Code Execution
📋Vendor Advisories
4Oracle▶
Oracle Oracle Hyperion Risk Matrix: Installation and Configuration (Apache Struts) — CVE-2021-31805↗2023-01-15
Oracle▶
Oracle Oracle Communications Risk Matrix: Configuration Management Platform (Apache Struts) — CVE-2021-31805↗2022-10-15
Oracle▶
Oracle Oracle Hospitality Applications Risk Matrix: Login (Apache Struts) — CVE-2021-31805↗2022-07-15
Red Hat▶
Struts: Forced OGNL evaluation, when evaluated on raw not validated user input in tag attributes, may lead to RCE.↗2022-04-12
🕵️Threat Intelligence
1Unit42
▶