Apache Struts RCE Vulnerability
Fortinet PSIRT Advisories
Fortinet PSIRT Contact:
Website: https://fortiguard.fortinet.com/faq/psirt-contact
FG-IR-17-205
Final
1
1
2017-09-29T00:00:00
Current version
2017-09-29T00:00:00
2017-09-29T00:00:00
Multiple Remote Code Execution vulnerabilities (CVE-2017-9805, CVE-2017-9804, CVE-2017-9793) are affecting Apache Struts.
Remote Code Execution (RCE)
The following Fortinet products are NOT affected:FortiOS FortiAPFortiSwitchFortiAnalyzerCurrently all above products not using Apache Struts, so all current and future Apache Struts CVEs will not impact these products.
https://fortiguard.fortinet.com/psirt/FG-IR-17-205
Apache Struts RCE Vulnerability
https://www.imperva.com/blog/2017/09/cve-2017-9805-analysis-of-apache-struts-rce-vulnerability-in-rest-plugin/
https://www.imperva.com/blog/2017/09/cve-2017-9805-analysis-of-apache-struts-rce-vulnerability-in-rest-plugin/
Apache Struts RCE Vulnerability
CVE-2017-9805
CVE-2017-9804
CVE-2017-9793
0
https://fortiguard.fortinet.com/psirt/FG-IR-17-205
Apache Struts RCE Vulnerability
Reference>
https://www.imperva.com/blog/2017/09/cve-2017-9805-analysis-of-apache-struts-rce-vulnerability-in-rest-plugin/
https://www.imperva.com/blog/2017/09/cve-2017-9805-analysis-of-apache-struts-rce-vulnerability-in-rest-plugin/