CVE-2017-9791 - Apache Struts 1 Improper Input Validation Vulnerability
Project:Apache
Product:Struts 1
Date Added:2022-02-10Due Date:2022-08-10
Vulnerability Name
Apache Struts 1 Improper Input Validation Vulnerability
Description
The Struts 1 plugin in Apache Struts might allow remote code execution via a malicious field value passed in a raw message to the ActionMessage.
Known To Be Used in Ransomware Campaigns?
Unknown
Action
Apply updates per vendor instructions.
Additional Notes
https://nvd.nist.gov/vuln/detail/CVE-2017-9791