Back to KEVs

CVE-2018-11776

Apache Struts versions 2.3 to 2.3.34 and 2.5 to 2.5.16 suffer from possible Remote Code Execution when alwaysSelectFullNamespace is true (either by...

Basic Information

CVE State: PUBLISHED
Reserved Date: June 05, 2018
Published Date: August 22, 2018
Last Updated: February 06, 2025
Vendor: Apache Software Foundation
Product: Apache Struts
Description: Apache Struts versions 2.3 to 2.3.34 and 2.5 to 2.5.16 suffer from possible Remote Code Execution when alwaysSelectFullNamespace is true (either by user or a plugin like Convention Plugin) and then: results are used with no namespace and in same time, its upper package have no or wildcard namespace and similar to results, same possibility when using url tag which doesn't have value and action set and in same time, its upper package have no or wildcard namespace.

CVSS Scores

SSVC Information

Exploitation: active
Technical Impact: total

Exploit Status

Exploited in the Wild: Yes (added 2021-11-03 00:00:00 UTC) Source
Proof of Concept Available: Yes (added 2020-06-12 18:46:29 UTC) Source

References

http://www.securitytracker.com/id/1041888 https://www.exploit-db.com/exploits/45367/ https://www.exploit-db.com/exploits/45262/ http://www.securityfocus.com/bid/105125 http://www.securitytracker.com/id/1041547 https://www.exploit-db.com/exploits/45260/ https://lists.apache.org/thread.html/r6d03e45b81eab03580cf7f8bb51cb3e9a1b10a2cc0c6a2d3cc92ed0c%40%3Cannounce.apache.org%3E http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html https://www.oracle.com/security-alerts/cpujul2020.html https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html https://security.netapp.com/advisory/ntap-20181018-0002/ https://cwiki.apache.org/confluence/display/WW/S2-057 https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2018-0012 http://www.oracle.com/technetwork/security-advisory/alert-cve-2018-11776-5072787.html https://lgtm.com/blog/apache_struts_CVE-2018-11776 https://security.netapp.com/advisory/ntap-20180822-0001/ http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2018-005.txt https://github.com/hook-s3c/CVE-2018-11776-Python-PoC http://packetstormsecurity.com/files/172830/Apache-Struts-Remote-Code-Execution.html

Known Exploited Vulnerability Information

Source	Added Date
CISA	2021-11-03 00:00:00 UTC

Scanner Integrations

Scanner	URL	Date Detected
Metasploit	https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/multi/http/struts2_namespace_ognl.rb	2025-04-29 11:01:23 UTC
Nuclei	https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2018/CVE-2018-11776.yaml	2025-04-26 00:00:00 UTC