Vulnerabilities Threats

English Russian Japanese LatAm Türkiye Brasil France Český Deutschland

Exploit.HTTP.CVE-2017-5638

Home Threats Exploit Exploit.HTTP.CVE-2017-5638
Detect Date 03/16/2017
Class Exploit
Platform HTTP
Description

The Jakarta Multipart parser from Apache Struts 2 versions 2.3.X up to 2.3.32, and Apache Struts 2 versions 2.5.X up to 2.5.10.1 incorrectly manages exception handling and error message generation during file uploading attempts, which allows attackers to remotely execute arbitrary commands via purposely created HTTP headers Content-Type, Content-Disposition, or Content-Length.

Top 10 countries with most attacked users (% of total attacks)

  Country Percentage of users*
1 Russia 9.73
2 Brazil 8.09
3 China 8.09
4 India 7.98
5 USA 4.70
6 Italy 2.62
7 Colombia 2.40
8 Spain 2.40
9 Vietnam 2.40
10 France 2.30

* Percentage of all unique Kaspersky users worldwide who have been attacked by this malware
Find out the statistics of the threats spreading in your region
© 2023 AO Kaspersky Lab. All Rights Reserved.
Privacy Policy Cookies

Up