Exposures › CVE-2017-9791

CVE-2017-9791

Severity
high · on CISA KEV actively exploited
Source
CISA-KEV · kev
Published
2022-02-10
Reference
⚡ RCE ⌖ exploited in the wild shame 65/100 rceexploited-in-wild

The Struts 1 plugin in Apache Struts might allow remote code execution via a malicious field value passed in a raw message to the ActionMessage.

Players implicated

Description

The Struts 1 plugin in Apache Struts might allow remote code execution via a malicious field value passed in a raw message to the ActionMessage.

Affected FedRAMP products 0 in the catalog

No correlated FedRAMP products.