HTTP: Apache Struts 2 Commons FileUpload Insecure Deserialization
This signature detects attempts to exploit a known vulnerability against Apache Struts 2. This vulnerability is due to Apache Struts 2 having a dependency on a vulnerable version of Commons FileUpload. A remote attacker can exploit this vulnerability by sending a specially crafted serialized objects to an application using Apache Struts 2 that also has a suitable attack vector. Successful exploitation can result in arbitrary file upload withing the security context of the target application.
Extended Description
Apache Commons FileUpload before 1.3.3 DiskFileItem File Manipulation Remote Code Execution
Affected Products
Apache commons_fileupload
Short Name
HTTP:APACHE:INSEC-FILEUP-DESRI
Severity
Major
Recommended
True
Recommended Action
Drop
Category
HTTP
Keywords
2 Apache CVE-2016-1000031 Commons Deserialization FileUpload Insecure Struts
Release Date
01/28/2019
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3427
Port
TCP/1099
False Positive
Unknown
Vendors
Apache
CVSS Score
7.5