Website Threat Inspector - A new vulnerability detection plug-in is released
Aug 23 2018
Content
Target users: All users of the Apache Struts 2 web application framework and systems built on it.

Features released: On August 22, 2018, the emergency response center of Alibaba Cloud Security detected an officially released Apache security update for a remote code execution vulnerability, S2-057. The detection plug-in of Website Threat Inspector has been released and the vulnerability database has also been updated. Run a security check as soon as possible. You can join our DingTalk tech support group of Website Threat Inspector if you experience any problems: https://ddurl.to/moSVe.

Vulnerability description: In the XML configuration, if the namespace value is defined using a wildcard ("/*"), or if the enclosing package configuration does not have a namespace value, this configuration causes a web application remote code execution vulnerability. The following are two examples that are exposed to this vulnerability:

    <action name="a1">
        <result type="redirectAction">
            <param name="actionName">a2.action</param>
        </result>
    </action>

and

    <action name="help" namespace="/*">
        <result>/WEB-INF/help.jsp</result>
    </action>

Reference link: https://cwiki.apache.org/confluence/display/WW/S2-057

Vulnerability rating: High.

Affected scope: Struts 2.3 - Struts 2.3.34, Struts 2.5 - Struts 2.5.16.

For more details: https://help.aliyun.com/noticelist/articleid/24270415.html or contact us.
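The two configuration patterns above can be audited directly in a deployed struts.xml before (or alongside) the Website Threat Inspector check. The following script is an added example, not code from Alibaba Cloud or from the Struts project: it parses a struts.xml, takes each action's namespace from the action element if present (as in the advisory's second example) or otherwise from its enclosing package, and reports every action whose namespace is missing or contains a wildcard, together with the result types it declares so that redirectAction results stand out. The embedded struts.xml is constructed for the example and mixes one safe package with the two risky patterns; the package names and the `find_risky_actions` helper are assumptions of this example.

```python
import xml.etree.ElementTree as ET

# Constructed sample struts.xml (not from the advisory). "safe" uses a fixed
# namespace; "risky-no-ns" has no namespace on the package or the action;
# "risky-wildcard" puts a wildcard in the action's namespace.
SAMPLE_STRUTS_XML = """
<struts>
  <package name="safe" extends="struts-default" namespace="/app">
    <action name="index">
      <result>/WEB-INF/index.jsp</result>
    </action>
  </package>
  <package name="risky-no-ns" extends="struts-default">
    <action name="a1">
      <result type="redirectAction">
        <param name="actionName">a2.action</param>
      </result>
    </action>
  </package>
  <package name="risky-wildcard" extends="struts-default" namespace="/">
    <action name="help" namespace="/*">
      <result>/WEB-INF/help.jsp</result>
    </action>
  </package>
</struts>
"""


def effective_namespace(action, package):
    """Namespace that applies to an action: the action's own attribute when it
    has one, otherwise the enclosing package's (None if neither defines one)."""
    return action.get("namespace", package.get("namespace"))


def find_risky_actions(xml_text):
    """Return one finding per action whose namespace is absent or contains a
    wildcard, i.e. the two configurations the S2-057 advisory describes."""
    root = ET.fromstring(xml_text)
    findings = []
    for package in root.iter("package"):
        for action in package.findall("action"):
            namespace = effective_namespace(action, package)
            if namespace is None:
                reason = "no namespace on the action or its enclosing package"
            elif "*" in namespace:
                reason = f"wildcard namespace {namespace!r}"
            else:
                continue  # explicit, wildcard-free namespace: not flagged
            # Struts falls back to the "dispatcher" result type when none is given.
            result_types = sorted(
                {r.get("type", "dispatcher") for r in action.findall("result")}
            )
            findings.append({
                "package": package.get("name"),
                "action": action.get("name"),
                "reason": reason,
                "result_types": result_types,
            })
    return findings


def main():
    for f in find_risky_actions(SAMPLE_STRUTS_XML):
        print(f"[{f['package']}] action '{f['action']}': {f['reason']} "
              f"(results: {', '.join(f['result_types']) or 'none'})")


if __name__ == "__main__":
    main()
```

On the sample above the script reports `a1` (no namespace anywhere, with a redirectAction result) and `help` (wildcard namespace), while `index` in the `/app` package is not reported. Replacing `SAMPLE_STRUTS_XML` with the contents of a real struts.xml turns this into a quick pre-deployment check; the remediation the advisory implies is to give every package and action an explicit, wildcard-free namespace and to apply the Apache update for the affected versions.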