Struts

Will it Pwn CVE-2017-5638: Remote Code Execution in Apache Struts 2?

This post was originally published here by AJIN ABRAHAM. A few days back Nike Zheng reported a Remote Code Execution vulnerability in Apache Struts2. The vulnerability exploits a bug in Jakarta’s Multipart parser used by Apache Struts2 to achieve remote code execution by sending a crafted Content-Type header in the request. This is a perfect example for […]

Share this page