Apache Struts 2.x < 184.108.40.206 RCE (S2-009)
Critical Nessus Plugin ID 117403
SynopsisA web application running on the remote host uses a Java framework
that is affected by a remote command execution vulnerability.
DescriptionThe version of Apache Struts running on the remote host is 2.x
prior to 220.127.116.11. It, therefore, is affected a possible remote
command execution vulnerability.
Note that Nessus has not tested for these issues but has instead
relied only on the application's self-reported version number.
SolutionUpgrade to Apache Struts version 18.104.22.168 or later