CVE-2010-1870

Published: 17/08/2010 Updated: 20/10/2020
CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10
VMScore: 510
Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N

Vulnerability Summary

The OGNL extensive expression evaluation capability in XWork in Struts 2.0.0 up to and including 2.1.8.1, as used in Atlassian Fisheye, Crucible, and possibly other products, uses a permissive whitelist, which allows remote malicious users to modify server-side context objects and bypass the "#" protection mechanism in ParameterInterceptors via the (1) #context, (2) #_memberAccess, (3) #root, (4) #this, (5) #_typeResolver, (6) #_classResolver, (7) #_traceEvaluations, (8) #_lastEvaluation, (9) #_keepLastEvaluation, and possibly other OGNL context variables, a different vulnerability than CVE-2008-6504.

Vulnerable Product

apache struts 2.0.8

apache struts 2.0.9

apache struts 2.0.3

apache struts 2.0.11.2

apache struts 2.0.11.1

apache struts 2.0.10

apache struts 2.0.5

apache struts 2.0.2

apache struts 2.1.5

apache struts 2.1.4

apache struts 2.0.1

apache struts 2.1.3

apache struts 2.1.2

apache struts 2.0.7

apache struts 2.0.11

apache struts 2.0.14

apache struts 2.0.13

apache struts 2.1.1

apache struts 2.1.0

apache struts 2.0.0

apache struts 2.0.6

apache struts 2.0.4

apache struts 2.0.12

apache struts 2.1.6

apache struts 2.1.8

apache struts 2.1.8.1

Vendor Advisories

Multiple Cisco products include an implementation of the Apache Struts 2 component that is affected by a remote command execution vulnerability identified by Apache with Common Vulnerabilities and Exposures ID CVE-2010-1870. The vulnerability is due to insufficient sanitization on user-supplied input in the XWorks component of the affected softwa ...

Exploits

Struts2/XWork suffers from a remote command execution vulnerability ...
Friday, July 9, 2010. CVE-2010-1870: Struts2/XWork remote command execution. Update Tue Jul 13 2010: Added proof of concept. Apache Struts team has announced uploaded but has not released, due to an unreasonably prolonged voting process, the 2.2.0 release of the Struts2 web framework which fixes vulnerability that I've reported to them on May 31st 20 ...
##
# $Id: struts_code_exec.rb 13586 2011-08-19 05:59:32Z bannedit $
##
##
# This file is part of the Metasploit Framework and may be subject to
# redistribution and commercial restrictions. Please see the Metasploit
# Framework web site for more information on licensing and terms of use.
# metasploit.com/framework/
##
require 'msf/core'
c ...

Mailing Lists

Full Disclosure mailing list archives: LISTSERV Maestro Remote Code Execution Vulnerability. From: "Rya ...

Recent Articles

Apache patch: Cisco catches up with ANCIENT Struts2 vuln
The Register • Richard Chirgwin • 14 Jul 2014

No fix for Business Edition 3000, though

Cisco has issued a patch for a four-year-old Apache Struts2 vulnerability. The original issue, CVE-2010-1870, was originally reported in July 2010. The vulnerability arises out of how Apache Struts2 handles commands passed to the Object-Graph Navigation Language. As the Apache notification states, “The vulnerability allows a malicious user to bypass the '#'-usage protection built into the ParametersInterceptor, thus being able to manipulate server side context objects.” Cisco has now confirm...