CVE-2018-11776
- Source
- https://cve.org/CVERecord?id=CVE-2018-11776
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2018-11776.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2018-11776
- Aliases
- Published
- 2018-08-22T13:29:00.753Z
- Modified
- 2026-04-10T04:05:34.860243Z
- Severity
-
- 8.1 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
- Summary
- [none]
- Details
-
Apache Struts versions 2.3 to 2.3.34 and 2.5 to 2.5.16 suffer from possible Remote Code Execution when alwaysSelectFullNamespace is true (either by user or a plugin like Convention Plugin) and then: results are used with no namespace and in same time, its upper package have no or wildcard namespace and similar to results, same possibility when using url tag which doesn't have value and action set and in same time, its upper package have no or wildcard namespace.
- References
-
- https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2018-11776
- http://www.securityfocus.com/bid/105125
- http://www.securitytracker.com/id/1041888
- http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2018-005.txt
- http://www.securitytracker.com/id/1041547
- https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2018-0012
- https://security.netapp.com/advisory/ntap-20180822-0001/
- https://www.oracle.com/security-alerts/cpujul2020.html
- http://packetstormsecurity.com/files/172830/Apache-Struts-Remote-Code-Execution.html
- https://security.netapp.com/advisory/ntap-20181018-0002/
- https://cwiki.apache.org/confluence/display/WW/S2-057
- http://www.oracle.com/technetwork/security-advisory/alert-cve-2018-11776-5072787.html
- http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html
- https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html
- https://lists.apache.org/thread.html/r6d03e45b81eab03580cf7f8bb51cb3e9a1b10a2cc0c6a2d3cc92ed0c%40%3Cannounce.apache.org%3E
- https://lgtm.com/blog/apache_struts_CVE-2018-11776
- https://www.exploit-db.com/exploits/45262/
- https://github.com/hook-s3c/CVE-2018-11776-Python-PoC
- https://www.exploit-db.com/exploits/45367/
- https://www.exploit-db.com/exploits/45260/
Affected packages
Git / github.com/apache/struts
Affected versions
Other
STRUTS_2_3_24
STRUTS_2_3_24_1
STRUTS_2_3_25
STRUTS_2_3_26
STRUTS_2_3_27
STRUTS_2_3_28
STRUTS_2_3_29
STRUTS_2_3_30
STRUTS_2_3_31
STRUTS_2_3_32
STRUTS_2_3_33
STRUTS_2_3_34
STRUTS_2_5_10
STRUTS_2_5_11
STRUTS_2_5_12
STRUTS_2_5_13
STRUTS_2_5_14
STRUTS_2_5_14_1
STRUTS_2_5_15
STRUTS_2_5_16
STRUTS_2_5_3
STRUTS_2_5_4
STRUTS_2_5_5
STRUTS_2_5_6
STRUTS_2_5_7
STRUTS_2_5_8
STRUTS_2_5_9
STRUTS_2_5_BETA1
STRUTS_2_5_BETA2
Database specific
source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2018-11776.json"
unresolved_ranges
[
{
"events": [
{
"introduced": "7.3"
}
]
},
{
"events": [
{
"introduced": "9.5"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"fixed": "12.5.0"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "13.3.0.0"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "13.4.0.0"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "3.4.9.4237"
}
]
},
{
"events": [
{
"introduced": "4.0.0"
},
{
"last_affected": "4.0.6.5281"
}
]
},
{
"events": [
{
"introduced": "8.0.0"
},
{
"last_affected": "8.0.2.8191"
}
]
}
]