CVE-2021-31805

Description from NVD

The fix issued for CVE-2020-17530 was incomplete. So from Apache Struts 2.0.0 to 2.5.29, still some of the tag’s attributes could perform a double evaluation if a developer applied forced OGNL evaluation by using the %{...} syntax. Using forced OGNL evaluation on untrusted user input can lead to a Remote Code Execution and security degradation.

Information Acquisition Date:2022-08-14T14:48Z
CVSS 2.0: 7.5 HIGH CVSS 3.x: 9.8 CRITICAL

▼ CVSS3 Vec CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

▼ CVSS2 Vec AV:N/AC:L/Au:N/C:P/I:P/A:P

NVD References

 https://cwiki.apache.org/confluence/display/WW/S2-062
     source:MISC
     tags:Mitigation    Patch    Vendor Advisory    
 [oss-security] 20220412 CVE-2021-31805: Apache Struts: Forced OGNL evaluation, when evaluated on raw not validated user input in tag attributes, may lead to RCE.
     source:MLIST
     tags:Mailing List    Mitigation    Third Party Advisory    
 https://security.netapp.com/advisory/ntap-20220420-0001/
     source:CONFIRM
     tags:Third Party Advisory    
 N/A
     source:N/A
     tags:

This vulnerability may involve a PoC.

Refer to Information on External Sites

CVE InfomationExploits or more Infomation
mitreEXPLOIT DATABASE
NVD0day.today
vulmon.comgithub
CVE DetailsTwitter
JVN ENG JPN
Reconshell

Software Tag: Oracle(2 tweets)



List of frequently cited URLs

URLNum of Times Referred to
https://alerts.vulmon.com/?utm_source=twitter&utm_medium=so...120
https://cvetrends.com54
https://lists.astaro.com/ASGV9-IPS-rules.html#033
https://securityaffairs.co/wordpress/130173/security/critic...11
https://cwiki.apache.org/confluence/display/WW/S2-0627
https://ift.tt/G5y80Uc4
https://security.sios.com/vulnerability/struts-security-vul...3
https://www.bleepingcomputer.com/news/security/critical-apa...3

Information from Twitter

User URL Info Source Date
WolfgangSesin http://www.sesin.at Source WolfgangSesin    1590823226535452672 2022/11/11
WolfgangSesin https://www.sesin.at/2022/11/10/cve-2021-31805-oracle-commu... Source WolfgangSesin    1590823226535452672 2022/11/11
www_sesin_at http://www.sesin.at Source www_sesin_at     1590823230159429633 2022/11/11
www_sesin_at https://www.sesin.at/2022/11/10/cve-2021-31805-oracle-commu... Source www_sesin_at     1590823230159429633 2022/11/11

List of frequently cited URLs

URLNum of Times Referred to
alerts.vulmon.com120
cvetrends.com54
lists.astaro.com33
securityaffairs.co11
cwiki.apache.org7
ift.tt4
security.sios.com3
www.bleepingcomputer.com3

Information from Twitter

User URL Info Source
WolfgangSesin sesin.at Show Tweet
WolfgangSesin sesin.at Show Tweet
www_sesin_at sesin.at Show Tweet
www_sesin_at sesin.at Show Tweet

GitHub Search Results: Up to 10
NameURL
YanMu2020/s2-062 https://github.com/YanMu2020/s2-062
Wrin9/CVE-2021-31805 https://github.com/Wrin9/CVE-2021-31805
aeyesec/CVE-2021-31805 https://github.com/aeyesec/CVE-2021-31805
jax7sec/S2-062 https://github.com/jax7sec/S2-062
Axx8/Struts2_S2-062_CVE-2021-31805 https://github.com/Axx8/Struts2_S2-062_CVE-2021-31805
3SsFuck/CVE-2021-31805-POC https://github.com/3SsFuck/CVE-2021-31805-POC

GitHub Search Results: Up to 10
NameURL
YanMu2020/s2-062 github.com
Wrin9/CVE-2021-31805 github.com
aeyesec/CVE-2021-31805 github.com
jax7sec/S2-062 github.com
Axx8/Struts2_S2-062_CVE-2021-31805 github.com
3SsFuck/CVE-2021-31805-POC github.com

2022/11/11 Score : 0
Added Har-sia Database : 2022/04/13
Last Modified : 2022/11/11
Highest Scored Date : 2022/04/13
Highest Score : 43