SonicALERT
Search

Sonicwall Signatures

 

Go to All Categories list.


  Apache Struts REST Plugin Remote Code Execution

Category: WEB-ATTACKS      

Apache Struts 2.3.20.x before 2.3.20.3, 2.3.24.x before 2.3.24.3, and 2.3.28.x before 2.3.28.1, when Dynamic Method Invocation is enabled, allow remote attackers to execute arbitrary code via vectors related to an ! (exclamation mark) operator to the REST Plugin.

References
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3087

Relevant Information


© SonicWall 2020 | Privacy Policy | Conditions for use Version: 10.0