PT-2013-1357 · Apache · Apache Struts

Takeshi Terada

Published

2013-05-23

Updated

2025-03-13

CVE-2013-2251

CVSS v2.0

9.3

High

Vector

AV:N/AC:M/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Apache Struts versions 2.0.0 through 2.3.15

Description The issue is related to the improper sanitization of input data in the DefaultActionMapper mechanism of Apache Struts. This allows a remote attacker to execute arbitrary OGNL expressions by crafting parameters with specific prefixes, such as action:, redirect:, or redirectAction:. The vulnerability can be exploited to execute server-side code.

Recommendations For Apache Struts versions 2.0.0 through 2.3.15, update to a version later than 2.3.15.1 to resolve the issue. As a temporary workaround, consider restricting the use of parameters with the action:, redirect:, and redirectAction: prefixes to minimize the risk of exploitation.

Exploit

Fix

RCE

Code Injection

Special Elements Injection

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-94CWE-20CWE-74

Related Identifiers

BDU:2022-05999

BDU:2022-06344

CVE-2013-2251

GHSA-47QP-8V9G-39HP

Affected Products

Apache Struts

PT-2013-1357 · Apache · Apache Struts

CVE-2013-2251

Weakness Enumeration

Related Identifiers

Affected Products

References · 43