{"id":7632,"date":"2017-09-08T20:42:14","date_gmt":"2017-09-08T20:42:14","guid":{"rendered":"http:\/\/blog.nsfocusglobal.com\/?p=833"},"modified":"2025-07-09T07:16:21","modified_gmt":"2025-07-09T07:16:21","slug":"struts-2-s2-052-rest-plug-in-remote-code-execution-vulnerability-analysis","status":"publish","type":"post","link":"https:\/\/nsfocusglobal.com\/pt-br\/struts-2-s2-052-rest-plug-in-remote-code-execution-vulnerability-analysis\/","title":{"rendered":"Struts 2 S2-052 REST Plug-in Remote Code Execution Vulnerability Analysis"},"content":{"rendered":"<h2><a href=\"https:\/\/staging.nsfocusglobal.com\/wp-content\/uploads\/2017\/09\/Struts2.png\"><img fetchpriority=\"high\" decoding=\"async\" class=\"size-full wp-image-844 aligncenter\" src=\"https:\/\/staging.nsfocusglobal.com\/wp-content\/uploads\/2017\/09\/Struts2.png\" alt=\"\" width=\"498\" height=\"320\" \/><\/a><\/h2>\n<h2>Overview<\/h2>\n<p>On September 5, 2017, Apache Struts released the latest security bulletin announcing that the REST plug-in in Apache Struts 2.5.x and some 2.x versions is prone to a high-risk remote code execution vulnerability, which has been assigned CVE-2017-9805 (S2-052). 
When using an XStream handler with an instance of XStream for deserialization, the REST plug-in does not perform any type filtering, thereby causing remote code execution.<\/p>\n<p>Related information is available at the following links:<\/p>\n<p><a href=\"https:\/\/struts.apache.org\/docs\/s2-052.html\"><strong>https:\/\/struts.apache.org\/docs\/s2-052.html<\/strong><\/a><\/p>\n<p><a href=\"https:\/\/cwiki.apache.org\/confluence\/display\/WW\/S2-052\"><strong>https:\/\/cwiki.apache.org\/confluence\/display\/WW\/S2-052<\/strong><\/a><\/p>\n<h2>Affected Versions<\/h2>\n<ul>\n<li>Struts 2.1.2 \u2013 Struts 2.3.33<\/li>\n<li>Struts 2.5 &#8211; Struts 2.5.12<\/li>\n<\/ul>\n<h3>Unaffected Versions<\/h3>\n<ul>\n<li>Struts 2.3.34<\/li>\n<li>Struts 2.5.13<\/li>\n<\/ul>\n<h3>Vulnerability Analysis<\/h3>\n<p>According to the official description, when the REST plug-in uses an XStream handler to handle XML data, it does not perform any filtering before converting the XML data to objects in the deserialization process, leading to remote code execution.<\/p>\n<h3>Environment Setup<\/h3>\n<p>Users can download all source code packages from the official website (<a href=\"https:\/\/archive.apache.org\/dist\/struts\/2.5\/struts-2.5-all.zip\">https:\/\/archive.apache.org\/dist\/struts\/2.5\/struts-2.5-all.zip<\/a>) and then directly deploy struts2-rest-showcase.war onto Tomcat. I prefer manual compilation using Maven. During deployment, note that, due to the javax.imageio dependency, the version of JDK must be JDK8 or later. Some earlier versions of JDK8 do not support the deployment. 
Here, jdk8_102 is used as an example for vulnerability verification.<\/p>\n<h3>Patch Analysis<\/h3>\n<p>Let&#8217;s have a look at the related configurations of the REST plug-in.<\/p>\n<p><a href=\"https:\/\/staging.nsfocusglobal.com\/wp-content\/uploads\/2017\/09\/Config-of-the-REST-plug-in.png\"><img decoding=\"async\" class=\"size-full wp-image-834 aligncenter\" src=\"https:\/\/staging.nsfocusglobal.com\/wp-content\/uploads\/2017\/09\/Config-of-the-REST-plug-in.png\" alt=\"\" width=\"893\" height=\"268\" \/><\/a><\/p>\n<p>As shown in the preceding figure, the XStream handler is registered as the default handler for the xml content type, so every request body declared as XML is handed to XStream. The REST plug-in is therefore prone to an XStream deserialization vulnerability.<\/p>\n<p>The official patch for fixing this vulnerability is available at the following link:<\/p>\n<p><a href=\"https:\/\/github.com\/apache\/struts\/commit\/19494718865f2fb7da5ea363de3822f87fbda264\">https:\/\/github.com\/apache\/struts\/commit\/19494718865f2fb7da5ea363de3822f87fbda264<\/a><\/p>\n<p>In the official fix, only collection, map, basic and time classes are whitelisted for the XML document, so that XStream deserialization cannot bring in harmful operations through any other class.<\/p>\n<p><a href=\"https:\/\/staging.nsfocusglobal.com\/wp-content\/uploads\/2017\/09\/pic3.png\"><img decoding=\"async\" class=\"size-full wp-image-835 aligncenter\" src=\"https:\/\/staging.nsfocusglobal.com\/wp-content\/uploads\/2017\/09\/pic3.png\" alt=\"\" width=\"850\" height=\"618\" \/><\/a><\/p>\n<h3>Generation of PoC<\/h3>\n<p>Currently, the public Proof of Concept (PoC) is based on javax.imageio, which can execute commands locally. 
However, marshalsec provides 11 XStream deserialization gadget chains, most of which are JNDI-based: CommonsConfiguration, Rome, CommonsBeanutils, ServiceLoader, ImageIO, BindingEnumeration, LazySearchEnumeration, SpringAbstractBeanFactoryPointcutAdvisor, SpringPartiallyComparableAdvisorHolder, Resin, and XBean. These chains load the class data used during deserialization from an external request.<\/p>\n<h3>Vulnerability Verification and Analysis<\/h3>\n<p>The following figure shows a simple verification. As shown in the PoC, the request method is PUT; the URL carries the &#8220;xml&#8221; extension; the Content-Type of the request is <strong>delicious\/bookmark+xml<\/strong>; the XML body begins with &lt;set&gt;.<\/p>\n<p><a href=\"https:\/\/staging.nsfocusglobal.com\/wp-content\/uploads\/2017\/09\/pic4.png\"><img loading=\"lazy\" decoding=\"async\" class=\"size-large wp-image-836 aligncenter\" src=\"https:\/\/staging.nsfocusglobal.com\/wp-content\/uploads\/2017\/09\/pic4-1024x545.png\" alt=\"\" width=\"640\" height=\"341\" \/><\/a><\/p>\n<p>The following figure shows the execution call stack that triggers the vulnerability.<\/p>\n<p><a href=\"https:\/\/staging.nsfocusglobal.com\/wp-content\/uploads\/2017\/09\/pic5.png\"><img loading=\"lazy\" decoding=\"async\" class=\"size-large wp-image-837 aligncenter\" src=\"https:\/\/staging.nsfocusglobal.com\/wp-content\/uploads\/2017\/09\/pic5-1024x395.png\" alt=\"\" width=\"640\" height=\"247\" \/><\/a><\/p>\n<p>XStreamHandler.toObject calls XStream.fromXML, which performs the deserialization.<\/p>\n<h3>Official Workaround Not Working<\/h3>\n<p>Apache provides a workaround like this: &lt;constant name=&quot;struts.action.extension&quot; value=&quot;xhtml,,json&quot; \/&gt;. Apparently, the vendor tries to work around the vulnerability by removing &#8220;xml&#8221; from the &#8220;struts.action.extension&#8221; values. 
This workaround is supposed to work as follows:<\/p>\n<p>Change the statement in the red box in the following figure into:<\/p>\n<p>&lt;constant name=&quot;struts.action.extension&quot; value=&quot;xhtml,,json&quot; \/&gt;<\/p>\n<p><a href=\"https:\/\/staging.nsfocusglobal.com\/wp-content\/uploads\/2017\/09\/pic6.png\"><img loading=\"lazy\" decoding=\"async\" class=\"size-large wp-image-838 aligncenter\" src=\"https:\/\/staging.nsfocusglobal.com\/wp-content\/uploads\/2017\/09\/pic6-1024x414.png\" alt=\"\" width=\"640\" height=\"259\" \/><\/a><\/p>\n<p>To do that, perform the following steps:<\/p>\n<ol>\n<li>Use a compression tool to open the JAR package. Here <strong>struts2-rest-plugin-2.5.10.1.jar<\/strong> is used as an example.<\/li>\n<\/ol>\n<p><a href=\"https:\/\/staging.nsfocusglobal.com\/wp-content\/uploads\/2017\/09\/pic7.png\"><img loading=\"lazy\" decoding=\"async\" class=\"aligncenter wp-image-839 size-medium\" src=\"https:\/\/staging.nsfocusglobal.com\/wp-content\/uploads\/2017\/09\/pic7-300x144.png\" alt=\"\" width=\"300\" height=\"144\" \/><\/a><\/p>\n<ol start=\"2\">\n<li>Extract <strong>struts-plugin.xml<\/strong>, modify the setting as shown above, and put the file back into the JAR.<\/li>\n<li>Restart the server.<\/li>\n<\/ol>\n<p>With the xml extension removed, a request to a URL carrying the <strong>xml<\/strong> extension returns an HTTP 404 error, indicating that the extension is no longer resolved.<\/p>\n<p><a href=\"https:\/\/staging.nsfocusglobal.com\/wp-content\/uploads\/2017\/09\/pic8.png\"><img loading=\"lazy\" decoding=\"async\" class=\"size-full wp-image-840 aligncenter\" src=\"https:\/\/staging.nsfocusglobal.com\/wp-content\/uploads\/2017\/09\/pic8.png\" alt=\"\" width=\"753\" height=\"232\" \/><\/a><\/p>\n<p>The following test case shows why this is not enough. In our PoC, the POST request does not carry the &#8220;xml&#8221; extension. Whether XStream is used depends only on the Content-Type: if the Content-Type contains xml, the request body is handed to XStream regardless of the URL extension. 
Therefore, the PoC works regardless of whether xml is present in struts.action.extension.<\/p>\n<p><a href=\"https:\/\/staging.nsfocusglobal.com\/wp-content\/uploads\/2017\/09\/pic9.png\"><img loading=\"lazy\" decoding=\"async\" class=\"size-full wp-image-841 aligncenter\" src=\"https:\/\/staging.nsfocusglobal.com\/wp-content\/uploads\/2017\/09\/pic9.png\" alt=\"\" width=\"614\" height=\"168\" \/><\/a><\/p>\n<p>As shown in the preceding figure, XML support has been removed from the extension list. Let&#8217;s see how the payload is executed:<\/p>\n<p><a href=\"https:\/\/staging.nsfocusglobal.com\/wp-content\/uploads\/2017\/09\/pic10.png\"><img loading=\"lazy\" decoding=\"async\" class=\"size-large wp-image-842 aligncenter\" src=\"https:\/\/staging.nsfocusglobal.com\/wp-content\/uploads\/2017\/09\/pic10-1024x398.png\" alt=\"\" width=\"640\" height=\"249\" \/><\/a><\/p>\n<p>The calculator pops up as expected. In addition, by comparing two different PoCs, we find that several XML Content-Type values are accepted. A POST, PUT, GET, or even a custom request method can trigger the vulnerability. Even if we change &lt;map&gt;&lt;entry&gt; to &lt;set&gt;, the vulnerability can still be triggered. Worse still, there are as many as 11 PoCs related to XStream. It is understandably difficult to protect against this vulnerability.<\/p>\n<h2>Technical Solutions<\/h2>\n<h3>Official Solution<\/h3>\n<p>Apache has released updates to fix this vulnerability. 
Users of the affected applications are advised to upgrade as soon as possible.<\/p>\n<p>Links:<\/p>\n<ul>\n<li>Struts 2.3.34:<\/li>\n<\/ul>\n<p><a href=\"https:\/\/cwiki.apache.org\/confluence\/display\/WW\/Version+Notes+2.3.34\"><strong>https:\/\/cwiki.apache.org\/confluence\/display\/WW\/Version+Notes+2.3.34<\/strong><\/a><\/p>\n<ul>\n<li>Struts 2.5.13:<\/li>\n<\/ul>\n<p><a href=\"https:\/\/cwiki.apache.org\/confluence\/display\/WW\/Version+Notes+2.5.13\"><strong>https:\/\/cwiki.apache.org\/confluence\/display\/WW\/Version+Notes+2.5.13<\/strong><\/a><\/p>\n<h3>NSFOCUS&#8217;s Recommendations<\/h3>\n<h4>Use NSFOCUS&#8217;s detection product or service to detect the vulnerability:<\/h4>\n<ol>\n<li>For Internet-facing assets, use the emergency vulnerability detection service of NSFOCUS Cloud to check for the vulnerability online. The service is available at the following link:<\/li>\n<\/ol>\n<p><a href=\"https:\/\/cloud.nsfocus.com\/#\/krosa\/views\/initcdr\/productandservice?page_id=12\"><strong>https:\/\/cloud.nsfocus.com\/#\/krosa\/views\/initcdr\/productandservice?page_id=12<\/strong><\/a><\/p>\n<ol start=\"2\">\n<li>For internal assets, use NSFOCUS RSAS V6, WVSS, or IDS to check for the vulnerability:<\/li>\n<\/ol>\n<p><strong>Remote Security Assessment System (RSAS V6):<\/strong><\/p>\n<p><a href=\"http:\/\/update.nsfocus.com\/update\/listRsasDetail\/v\/vulweb\"><strong>http:\/\/update.nsfocus.com\/update\/listRsasDetail\/v\/vulweb<\/strong><\/a><\/p>\n<p><strong>Web Vulnerability Scanning System (WVSS):<\/strong><\/p>\n<p><a href=\"http:\/\/update.nsfocus.com\/update\/listWvss\"><strong>http:\/\/update.nsfocus.com\/update\/listWvss<\/strong><\/a><\/p>\n<p>Network Intrusion Detection System (NIDS):<\/p>\n<p><a href=\"http:\/\/update.nsfocus.com\/update\/listIds\"><strong>http:\/\/update.nsfocus.com\/update\/listIds<\/strong><\/a><\/p>\n<p>You should upgrade your devices to the latest version by downloading upgrade packages from the preceding links before using 
them to detect vulnerabilities.<\/p>\n<h4>Use NSFOCUS&#8217;s protection product (NIPS, NIDS, NF, or WAF) to protect against the exploitation of the vulnerability:<\/h4>\n<p>Network Intrusion Prevention System (NIPS):<\/p>\n<p><a href=\"http:\/\/update.nsfocus.com\/update\/listIps\"><strong>http:\/\/update.nsfocus.com\/update\/listIps<\/strong><\/a><\/p>\n<p>Next-Generation Firewall (NF):<\/p>\n<p><a href=\"http:\/\/update.nsfocus.com\/update\/listNf\"><strong>http:\/\/update.nsfocus.com\/update\/listNf<\/strong><\/a><\/p>\n<p>Web Application Firewall (WAF):<\/p>\n<p><a href=\"http:\/\/update.nsfocus.com\/update\/wafIndex\"><strong>http:\/\/update.nsfocus.com\/update\/wafIndex<\/strong><\/a><\/p>\n<p>You should upgrade your devices to the latest version by downloading upgrade packages from the preceding links before using them for protection.<\/p>\n<h4>Workaround<\/h4>\n<p>Add an XML filter to filter out requests whose Content-Type is &#8220;application\/xml&#8221;. This, however, will indiscriminately cause all such requests to fail. 
Therefore, it can be used only as a temporary solution.<\/p>\n<p>Code for the filter is as follows:<\/p>\n<pre><code>\/\/ Servlet filter that answers requests declared as application\/xml itself,\n\/\/ so the body never reaches the Struts REST plug-in (and thus XStream).\n\/\/ It matches only Content-Type values containing &quot;application\/xml&quot;; other XML\n\/\/ types named earlier (e.g. delicious\/bookmark+xml) pass through unless added here.\npublic void doFilter(ServletRequest request, ServletResponse response, FilterChain chain)\n        throws IOException, ServletException {\n    String contentType = request.getContentType();\n    if (contentType != null\n            &amp;&amp; contentType.toLowerCase(Locale.ENGLISH).contains(&quot;application\/xml&quot;)) {\n        \/\/ Matched: reply directly and do not continue the filter chain.\n        response.getWriter().write(&quot;Reject!&quot;);\n    } else {\n        \/\/ Not XML, or no Content-Type header at all: let the request through.\n        chain.doFilter(request, response);\n    }\n}<\/code><\/pre>\n<p>After creating this filter, conduct a PoC test. 
The test result proves that matched requests can be blocked.<\/p>\n<p><a href=\"https:\/\/staging.nsfocusglobal.com\/wp-content\/uploads\/2017\/09\/pic11.png\"><img loading=\"lazy\" decoding=\"async\" class=\"size-large wp-image-843 aligncenter\" src=\"https:\/\/staging.nsfocusglobal.com\/wp-content\/uploads\/2017\/09\/pic11-1024x221.png\" alt=\"\" width=\"640\" height=\"138\" \/><\/a><\/p>\n<p>Note that the default whitelist adopted by the fixed versions can stop some REST functions from working, which negatively affects some services. Where a service must deserialize additional classes, it is recommended that the following new APIs be used to extend the whitelist:<\/p>\n<ul>\n<li>org.apache.struts2.rest.handler.AllowedClasses<\/li>\n<li>org.apache.struts2.rest.handler.AllowedClassNames<\/li>\n<li>org.apache.struts2.rest.handler.XStreamPermissionProvider<\/li>\n<\/ul>\n","protected":false},"excerpt":{"rendered":"<p>Overview On September 5, 2017, Apache Struts released the latest security bulletin announcing that the REST plug-in in Apache Struts 2.5.x and some 2.x versions is prone to a high-risk remote code execution vulnerability, which has been assigned CVE-2017-9805 (S2-052). 
When using an XStream handler with an instance of XStream for deserialization, the REST plug-in [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":35817,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"_coblocks_attr":"","_coblocks_dimensions":"","_coblocks_responsive_height":"","_coblocks_accordion_ie_support":"","footnotes":""},"categories":[3,6],"tags":[],"class_list":["post-7632","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-blog","category-emergency-response"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.4 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Struts 2 S2-052 REST Plug-in Remote Code Execution Vulnerability Analysis - NSFOCUS<\/title>\n<meta name=\"robots\" content=\"noindex, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<meta property=\"og:locale\" content=\"pt_BR\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Struts 2 S2-052 REST Plug-in Remote Code Execution Vulnerability Analysis - NSFOCUS\" \/>\n<meta property=\"og:description\" content=\"Overview On September 5, 2017, Apache Struts released the latest security bulletin announcing that the REST plug-in in Apache Struts 2.5.x and some 2.x\" \/>\n<meta property=\"og:url\" content=\"https:\/\/nsfocusglobal.com\/struts-2-s2-052-rest-plug-in-remote-code-execution-vulnerability-analysis\/\" \/>\n<meta property=\"og:site_name\" content=\"NSFOCUS\" \/>\n<meta property=\"article:published_time\" content=\"2017-09-08T20:42:14+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2025-07-09T07:16:21+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/nsfocusglobal.com\/wp-content\/uploads\/2017\/09\/Struts2-1.png\" \/>\n<meta name=\"author\" content=\"admin\" \/>\n<meta name=\"twitter:card\" 
content=\"summary_large_image\" \/>\n<meta name=\"twitter:title\" content=\"Struts 2 S2-052 REST Plug-in Remote Code Execution Vulnerability Analysis - NSFOCUS\" \/>\n<meta name=\"twitter:description\" content=\"Overview On September 5, 2017, Apache Struts released the latest security bulletin announcing that the REST plug-in in Apache Struts 2.5.x and some 2.x\" \/>\n<meta name=\"twitter:image\" content=\"https:\/\/nsfocusglobal.com\/wp-content\/uploads\/2017\/09\/Struts2-1.png\" \/>\n<meta name=\"twitter:label1\" content=\"Escrito por\" \/>\n\t<meta name=\"twitter:data1\" content=\"admin\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. tempo de leitura\" \/>\n\t<meta name=\"twitter:data2\" content=\"6 minutos\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/struts-2-s2-052-rest-plug-in-remote-code-execution-vulnerability-analysis\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/struts-2-s2-052-rest-plug-in-remote-code-execution-vulnerability-analysis\\\/\"},\"author\":{\"name\":\"admin\",\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/pt-br\\\/#\\\/schema\\\/person\\\/fd9ab61c9c77a81bbd870f725cc0c61d\"},\"headline\":\"Struts 2 S2-052 REST Plug-in Remote Code Execution Vulnerability 
Analysis\",\"datePublished\":\"2017-09-08T20:42:14+00:00\",\"dateModified\":\"2025-07-09T07:16:21+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/struts-2-s2-052-rest-plug-in-remote-code-execution-vulnerability-analysis\\\/\"},\"wordCount\":1139,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/pt-br\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/struts-2-s2-052-rest-plug-in-remote-code-execution-vulnerability-analysis\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/nsfocusglobal.com\\\/wp-content\\\/uploads\\\/2017\\\/09\\\/Struts2-1.png\",\"articleSection\":[\"Blog\",\"Emergency Response\"],\"inLanguage\":\"pt-BR\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/nsfocusglobal.com\\\/struts-2-s2-052-rest-plug-in-remote-code-execution-vulnerability-analysis\\\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/struts-2-s2-052-rest-plug-in-remote-code-execution-vulnerability-analysis\\\/\",\"url\":\"https:\\\/\\\/nsfocusglobal.com\\\/struts-2-s2-052-rest-plug-in-remote-code-execution-vulnerability-analysis\\\/\",\"name\":\"Struts 2 S2-052 REST Plug-in Remote Code Execution Vulnerability Analysis - 
NSFOCUS\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/pt-br\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/struts-2-s2-052-rest-plug-in-remote-code-execution-vulnerability-analysis\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/struts-2-s2-052-rest-plug-in-remote-code-execution-vulnerability-analysis\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/nsfocusglobal.com\\\/wp-content\\\/uploads\\\/2017\\\/09\\\/Struts2-1.png\",\"datePublished\":\"2017-09-08T20:42:14+00:00\",\"dateModified\":\"2025-07-09T07:16:21+00:00\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/struts-2-s2-052-rest-plug-in-remote-code-execution-vulnerability-analysis\\\/#breadcrumb\"},\"inLanguage\":\"pt-BR\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/nsfocusglobal.com\\\/struts-2-s2-052-rest-plug-in-remote-code-execution-vulnerability-analysis\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"pt-BR\",\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/struts-2-s2-052-rest-plug-in-remote-code-execution-vulnerability-analysis\\\/#primaryimage\",\"url\":\"https:\\\/\\\/nsfocusglobal.com\\\/wp-content\\\/uploads\\\/2017\\\/09\\\/Struts2-1.png\",\"contentUrl\":\"https:\\\/\\\/nsfocusglobal.com\\\/wp-content\\\/uploads\\\/2017\\\/09\\\/Struts2-1.png\",\"width\":498,\"height\":320,\"caption\":\"Struts2 logo with binary code and cable.\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/struts-2-s2-052-rest-plug-in-remote-code-execution-vulnerability-analysis\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/nsfocusglobal.com\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Struts 2 S2-052 REST Plug-in Remote Code Execution Vulnerability 
Analysis\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/pt-br\\\/#website\",\"url\":\"https:\\\/\\\/nsfocusglobal.com\\\/pt-br\\\/\",\"name\":\"NSFOCUS\",\"description\":\"Security Made Smart and Simple\",\"publisher\":{\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/pt-br\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/nsfocusglobal.com\\\/pt-br\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"pt-BR\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/pt-br\\\/#organization\",\"name\":\"NSFOCUS\",\"url\":\"https:\\\/\\\/nsfocusglobal.com\\\/pt-br\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"pt-BR\",\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/pt-br\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/nsfocusglobal.com\\\/wp-content\\\/uploads\\\/2024\\\/08\\\/logo-ns.png\",\"contentUrl\":\"https:\\\/\\\/nsfocusglobal.com\\\/wp-content\\\/uploads\\\/2024\\\/08\\\/logo-ns.png\",\"width\":248,\"height\":36,\"caption\":\"NSFOCUS\"},\"image\":{\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/pt-br\\\/#\\\/schema\\\/logo\\\/image\\\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/nsfocusglobal.com\\\/pt-br\\\/#\\\/schema\\\/person\\\/fd9ab61c9c77a81bbd870f725cc0c61d\",\"name\":\"admin\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"pt-BR\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/d3dc987908fc59791d261b1006d84eb931d15287261476b9384e690ed0c568de?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/d3dc987908fc59791d261b1006d84eb931d15287261476b9384e690ed0c568de?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/d3dc987908fc59791d261b1006d84eb931d15287261476b9384e690ed0c568de?s=96&d=mm&r=g\",\"caption\":\"admin\"},\"sameAs\":[\"ht
tps:\\\/\\\/nsfocusglobal.com\"],\"url\":\"https:\\\/\\\/nsfocusglobal.com\\\/pt-br\\\/author\\\/admin\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Struts 2 S2-052 REST Plug-in Remote Code Execution Vulnerability Analysis - NSFOCUS","robots":{"index":"noindex","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"og_locale":"pt_BR","og_type":"article","og_title":"Struts 2 S2-052 REST Plug-in Remote Code Execution Vulnerability Analysis - NSFOCUS","og_description":"Overview On September 5, 2017, Apache Struts released the latest security bulletin announcing that the REST plug-in in Apache Struts 2.5.x and some 2.x","og_url":"https:\/\/nsfocusglobal.com\/struts-2-s2-052-rest-plug-in-remote-code-execution-vulnerability-analysis\/","og_site_name":"NSFOCUS","article_published_time":"2017-09-08T20:42:14+00:00","article_modified_time":"2025-07-09T07:16:21+00:00","og_image":[{"url":"https:\/\/nsfocusglobal.com\/wp-content\/uploads\/2017\/09\/Struts2-1.png","type":"","width":"","height":""}],"author":"admin","twitter_card":"summary_large_image","twitter_title":"Struts 2 S2-052 REST Plug-in Remote Code Execution Vulnerability Analysis - NSFOCUS","twitter_description":"Overview On September 5, 2017, Apache Struts released the latest security bulletin announcing that the REST plug-in in Apache Struts 2.5.x and some 2.x","twitter_image":"https:\/\/nsfocusglobal.com\/wp-content\/uploads\/2017\/09\/Struts2-1.png","twitter_misc":{"Escrito por":"admin","Est. 
tempo de leitura":"6 minutos"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/nsfocusglobal.com\/struts-2-s2-052-rest-plug-in-remote-code-execution-vulnerability-analysis\/#article","isPartOf":{"@id":"https:\/\/nsfocusglobal.com\/struts-2-s2-052-rest-plug-in-remote-code-execution-vulnerability-analysis\/"},"author":{"name":"admin","@id":"https:\/\/nsfocusglobal.com\/pt-br\/#\/schema\/person\/fd9ab61c9c77a81bbd870f725cc0c61d"},"headline":"Struts 2 S2-052 REST Plug-in Remote Code Execution Vulnerability Analysis","datePublished":"2017-09-08T20:42:14+00:00","dateModified":"2025-07-09T07:16:21+00:00","mainEntityOfPage":{"@id":"https:\/\/nsfocusglobal.com\/struts-2-s2-052-rest-plug-in-remote-code-execution-vulnerability-analysis\/"},"wordCount":1139,"commentCount":0,"publisher":{"@id":"https:\/\/nsfocusglobal.com\/pt-br\/#organization"},"image":{"@id":"https:\/\/nsfocusglobal.com\/struts-2-s2-052-rest-plug-in-remote-code-execution-vulnerability-analysis\/#primaryimage"},"thumbnailUrl":"https:\/\/nsfocusglobal.com\/wp-content\/uploads\/2017\/09\/Struts2-1.png","articleSection":["Blog","Emergency Response"],"inLanguage":"pt-BR","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/nsfocusglobal.com\/struts-2-s2-052-rest-plug-in-remote-code-execution-vulnerability-analysis\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/nsfocusglobal.com\/struts-2-s2-052-rest-plug-in-remote-code-execution-vulnerability-analysis\/","url":"https:\/\/nsfocusglobal.com\/struts-2-s2-052-rest-plug-in-remote-code-execution-vulnerability-analysis\/","name":"Struts 2 S2-052 REST Plug-in Remote Code Execution Vulnerability Analysis - 
NSFOCUS","isPartOf":{"@id":"https:\/\/nsfocusglobal.com\/pt-br\/#website"},"primaryImageOfPage":{"@id":"https:\/\/nsfocusglobal.com\/struts-2-s2-052-rest-plug-in-remote-code-execution-vulnerability-analysis\/#primaryimage"},"image":{"@id":"https:\/\/nsfocusglobal.com\/struts-2-s2-052-rest-plug-in-remote-code-execution-vulnerability-analysis\/#primaryimage"},"thumbnailUrl":"https:\/\/nsfocusglobal.com\/wp-content\/uploads\/2017\/09\/Struts2-1.png","datePublished":"2017-09-08T20:42:14+00:00","dateModified":"2025-07-09T07:16:21+00:00","breadcrumb":{"@id":"https:\/\/nsfocusglobal.com\/struts-2-s2-052-rest-plug-in-remote-code-execution-vulnerability-analysis\/#breadcrumb"},"inLanguage":"pt-BR","potentialAction":[{"@type":"ReadAction","target":["https:\/\/nsfocusglobal.com\/struts-2-s2-052-rest-plug-in-remote-code-execution-vulnerability-analysis\/"]}]},{"@type":"ImageObject","inLanguage":"pt-BR","@id":"https:\/\/nsfocusglobal.com\/struts-2-s2-052-rest-plug-in-remote-code-execution-vulnerability-analysis\/#primaryimage","url":"https:\/\/nsfocusglobal.com\/wp-content\/uploads\/2017\/09\/Struts2-1.png","contentUrl":"https:\/\/nsfocusglobal.com\/wp-content\/uploads\/2017\/09\/Struts2-1.png","width":498,"height":320,"caption":"Struts2 logo with binary code and cable."},{"@type":"BreadcrumbList","@id":"https:\/\/nsfocusglobal.com\/struts-2-s2-052-rest-plug-in-remote-code-execution-vulnerability-analysis\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/nsfocusglobal.com\/"},{"@type":"ListItem","position":2,"name":"Struts 2 S2-052 REST Plug-in Remote Code Execution Vulnerability Analysis"}]},{"@type":"WebSite","@id":"https:\/\/nsfocusglobal.com\/pt-br\/#website","url":"https:\/\/nsfocusglobal.com\/pt-br\/","name":"NSFOCUS","description":"Security Made Smart and 
Simple","publisher":{"@id":"https:\/\/nsfocusglobal.com\/pt-br\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/nsfocusglobal.com\/pt-br\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"pt-BR"},{"@type":"Organization","@id":"https:\/\/nsfocusglobal.com\/pt-br\/#organization","name":"NSFOCUS","url":"https:\/\/nsfocusglobal.com\/pt-br\/","logo":{"@type":"ImageObject","inLanguage":"pt-BR","@id":"https:\/\/nsfocusglobal.com\/pt-br\/#\/schema\/logo\/image\/","url":"https:\/\/nsfocusglobal.com\/wp-content\/uploads\/2024\/08\/logo-ns.png","contentUrl":"https:\/\/nsfocusglobal.com\/wp-content\/uploads\/2024\/08\/logo-ns.png","width":248,"height":36,"caption":"NSFOCUS"},"image":{"@id":"https:\/\/nsfocusglobal.com\/pt-br\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/nsfocusglobal.com\/pt-br\/#\/schema\/person\/fd9ab61c9c77a81bbd870f725cc0c61d","name":"admin","image":{"@type":"ImageObject","inLanguage":"pt-BR","@id":"https:\/\/secure.gravatar.com\/avatar\/d3dc987908fc59791d261b1006d84eb931d15287261476b9384e690ed0c568de?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/d3dc987908fc59791d261b1006d84eb931d15287261476b9384e690ed0c568de?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/d3dc987908fc59791d261b1006d84eb931d15287261476b9384e690ed0c568de?s=96&d=mm&r=g","caption":"admin"},"sameAs":["https:\/\/nsfocusglobal.com"],"url":"https:\/\/nsfocusglobal.com\/pt-br\/author\/admin\/"}]}},"_links":{"self":[{"href":"https:\/\/nsfocusglobal.com\/pt-br\/wp-json\/wp\/v2\/posts\/7632","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/nsfocusglobal.com\/pt-br\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/nsfocusglobal.com\/pt-br\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/nsfocusglobal.com\/pt-br\/wp-json\/wp\/v2\/user
s\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/nsfocusglobal.com\/pt-br\/wp-json\/wp\/v2\/comments?post=7632"}],"version-history":[{"count":1,"href":"https:\/\/nsfocusglobal.com\/pt-br\/wp-json\/wp\/v2\/posts\/7632\/revisions"}],"predecessor-version":[{"id":32649,"href":"https:\/\/nsfocusglobal.com\/pt-br\/wp-json\/wp\/v2\/posts\/7632\/revisions\/32649"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/nsfocusglobal.com\/pt-br\/wp-json\/wp\/v2\/media\/35817"}],"wp:attachment":[{"href":"https:\/\/nsfocusglobal.com\/pt-br\/wp-json\/wp\/v2\/media?parent=7632"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/nsfocusglobal.com\/pt-br\/wp-json\/wp\/v2\/categories?post=7632"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/nsfocusglobal.com\/pt-br\/wp-json\/wp\/v2\/tags?post=7632"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}