Description
A Remote Code Execution vulnerability exists in Apache Struts2 when performing file upload based on Jakarta Multipart parser.
It is possible to perform a RCE attack with a malicious Content-Type value. If the Content-Type value isn't valid an exception is thrown which is then used to display an error message to a user.
Affected versions: Struts 2.3.5 - Struts 2.3.31, Struts 2.5 - Struts 2.5.10
Remediation
If you are using Jakarta based file upload Multipart parser, upgrade to Apache Struts version 2.3.32 or 2.5.10.1.
References
Related Vulnerabilities
MySQL CVE-2022-21355 Vulnerability (CVE-2022-21355)
MediaWiki Missing Authorization Vulnerability (CVE-2019-12469)
WebLogic Deserialization of Untrusted Data Vulnerability (CVE-2019-17531)
MySQL CVE-2021-35596 Vulnerability (CVE-2021-35596)
OpenVPN AS Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2013-2692)