Apache Struts 2 RCE (CVE-2017-5638)

Critical Nessus Network Monitor Plugin ID 700055


A payload has been detected that targets a critical vulnerability found in versions of Apache Struts 2.


The remote web server is being targeted by an Apache Struts 2 exploitation attempt. Versions of Apache Struts 2.5.x prior to and 2.3.x prior to 2.3.32 are affected by a flaw in the Jakarta Multipart parser that is triggered when it handles invalid Content-Type, Content-Disposition, or Content-Length values for uploaded files. A remote attacker can exploit this to execute arbitrary code.


A remote service is attempting to exploit an Apache Struts vulnerability. Ensure that Apache Struts is patched with the latest available version, inspect the system for malicious code, and follow appropriate incident response procedures.

Plugin Details

Severity: Critical

ID: 700055

File Name: 700055.prm

Family: Web Servers

Published: 2017/04/12

Modified: 2017/08/31

Dependencies: 8166

Nessus ID: 97576, 97610

Risk Information

Risk Factor: Critical

CVSS v2.0

Base Score: 10

Temporal Score: 8.7

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:ND/RL:OF/RC:C

CVSS v3.0

Base Score: 9.8

Temporal Score: 9.3

Temporal Vector: CVSS3#E:X/RL:O/RC:C

Vulnerability Information

CPE: cpe:/a:apache:struts

Patch Publication Date: 2017/03/06

Vulnerability Publication Date: 2017/03/06

Exploitable With

Metasploit (Apache Struts Jakarta Multipart Parser OGNL Injection)

Reference Information

CVE: CVE-2017-5638

BID: 96729

OSVDB: 153025