CVE-2017-5638
Apache Struts Remote Code Execution Vulnerability
CVSS
—
Sin CVSS
EPSS
100.0%
p100
KEV
SÍ
3 nov 2021
Exploit Today
80
0-100
Publicado: — · Última mod.: —
100.0%EPSS · 30 días100.0%
2026-06-302026-07-16
Producto
Apache / Struts
Vulnerabilidad
Apache Struts Remote Code Execution Vulnerability
Añadido a KEV
3 nov 2021
Remediar antes de
3 may 2022
Uso conocido en ransomware
Sí
Descripción resumida
Apache Struts Jakarta Multipart parser allows for malicious file upload using the Content-Type value, leading to remote code execution.
Acción requerida
Apply updates per vendor instructions.
Notas
https://nvd.nist.gov/vuln/detail/CVE-2017-5638
CVECVSSEPSSKEVRExplotTítuloVis.
CVE-2018-11776—100.0%
KEV—80Apache Struts Remote Code Execution Vulnerability—CVE-2013-2251—100.0%
KEV—80Apache Struts Improper Input Validation Vulnerability—CVE-2017-9805—99.9%
KEV—80Apache Struts Deserialization of Untrusted Data Vulnerability—CVE-2020-17530—99.9%
KEV—80Apache Struts Remote Code Execution Vulnerability—