Apache Struts2 — The Vulnerability

Today's article is going to be a little more advanced. We are going to discuss Apache Struts 2 and the vulnerability found in it. This vulnerability was found in 2017, but most of us don't know about this Apache service, so I am going to give you a brief introduction to it first.

Apache and Struts 2

The Apache HTTP Server, colloquially called Apache, is free and open-source cross-platform web server software released under the terms of the Apache License 2.0. It is developed and maintained by an open community of developers under the auspices of the Apache Software Foundation. The same Apache community also started the service this article is about: Apache Struts 2 (often written Struts², hence "square").

The Vulnerability

The vulnerability, CVE-2017-5638, is located in the Jakarta Multipart parser (the file upload component of Apache Struts 2). It allows unauthenticated attackers to run arbitrary code remotely on a vulnerable server by uploading a malicious script. An attacker exploits the flaw by sending an invalid value that causes the software to throw an exception. Instead of merely displaying the cause of the exception, the code the attacker placed in the request gets executed.
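The article describes the defect only at a high level; in the published advisories the invalid value that triggers the exception is carried in the multipart request headers (Content-Type in particular), and the exception message containing it was evaluated as an OGNL expression. The script below is an added example, not code from the original article or from the Struts project: it parses raw HTTP request headers and flags requests whose Content-Type or Content-Disposition header contains an OGNL expression delimiter (`%{` or `${`), which a legitimate multipart header never carries. The sample requests are constructed, and the "probe" uses an inert placeholder marker rather than any real expression.

```python
"""Detection helper for requests that look like CVE-2017-5638 probes.

Added example, not from the original article. It parses raw HTTP request
headers and flags Content-Type / Content-Disposition values that contain
OGNL expression delimiters. All sample traffic below is constructed.
"""
import re
from typing import Dict, List

# OGNL expression delimiters. A well-formed multipart Content-Type is
# "multipart/form-data; boundary=..." and never contains either of them.
OGNL_MARKER = re.compile(r"[%$]\{")

# The headers that the vulnerable Jakarta Multipart parser echoed into
# its error message (lower-cased, since header names are case-insensitive).
WATCHED_HEADERS = ("content-type", "content-disposition")


def parse_headers(raw_request: str) -> Dict[str, str]:
    """Return a lower-cased header-name -> value map for a raw HTTP request.

    Only the header block is examined; the body, if any, is ignored.
    Folded continuation lines (leading space or tab) are joined onto the
    previous header so a marker split across lines is still seen.
    """
    head = raw_request.split("\r\n\r\n", 1)[0]
    lines = head.split("\r\n")[1:]  # drop the request line
    headers: Dict[str, str] = {}
    last = None
    for line in lines:
        if line[:1] in (" ", "\t") and last:
            headers[last] += " " + line.strip()
            continue
        name, sep, value = line.partition(":")
        if not sep:
            continue
        last = name.strip().lower()
        headers[last] = value.strip()
    return headers


def is_suspicious(raw_request: str) -> bool:
    """True when a watched header carries an OGNL expression delimiter."""
    headers = parse_headers(raw_request)
    return any(OGNL_MARKER.search(headers.get(h, "")) for h in WATCHED_HEADERS)


def triage(requests: List[str]) -> List[int]:
    """Indices of the requests that should raise an alert."""
    return [i for i, r in enumerate(requests) if is_suspicious(r)]


# Constructed sample traffic: a normal multipart upload, a normal JSON
# request, and a probe whose Content-Type carries an inert OGNL marker.
SAMPLE_REQUESTS = [
    "POST /upload.action HTTP/1.1\r\nHost: app.example\r\n"
    "Content-Type: multipart/form-data; boundary=----FormBoundaryX1\r\n\r\n",
    "POST /api/login HTTP/1.1\r\nHost: app.example\r\n"
    "Content-Type: application/json\r\n\r\n{}",
    "POST /upload.action HTTP/1.1\r\nHost: app.example\r\n"
    "Content-Type: %{#placeholder}.multipart/form-data\r\n\r\n",
]

if __name__ == "__main__":
    for idx in triage(SAMPLE_REQUESTS):
        print(f"ALERT: request {idx} carries an OGNL marker in a multipart header")
```

This is a coarse signature of the kind a WAF or IDS rule would carry: it catches the expression delimiter rather than any particular payload, so it does not need updating for each new variant, but it is a stopgap for monitoring and triage. The durable fix is the patched Struts release, which no longer feeds the offending header value into an evaluated error message.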

History and Reasons

Now it is not only Struts 2; previous versions of Struts were the same. Why is it so vulnerable? I mean, Apache is web server software used worldwide. So why did it become so vulnerable, i.e. could they not focus a little on security for their users? Well, first of all it is open source, i.e. you can use it for free, so the developers don't have much capital to spend on technical maintenance. Secondly, to give it such a wide range of customization and make it run on a normal PC, many levels of security have been disabled. Thus you shouldn't expect much security.

Then are the companies that run Apache on their main servers safe?

Well, technically nothing is secure; everything has a vulnerability in it. You just need to be sharp enough to get into that system. Also, what companies do is hire or keep a team of developers and security analysts who patch or edit almost all the open services and make a custom installation on their server in production before deploying their web server online. So they are secure as of their launch, but eventually, if any bugs are found, they get reported by bug hunters and patched before anyone else could get to them. In the worst case, if that vulnerability or bug gets into the hands of the bad guys, then comes the real hack that flashes on all the news channels, telling of the biggest data breach of the century (if you know which breach I am talking about).

Conclusion

Nothing much; I just want to tell you that Struts is a fairly bad service by Apache (no offense), even if it provides you some handy tools to make your work easier. Don't forget there is always an alternative to everything, because if there isn't... Congratulations!! You just found a new startup idea ;)

Nehh, just a n00b
