fortiguard.fortinet.com
Open in
urlscan Pro
154.52.2.196
Public Scan
Submitted URL: http://www.fortinet.com/ids/VID43745
Effective URL: https://fortiguard.fortinet.com/encyclopedia/ips/43745
Submission: On April 21 via api from OM — Scanned from DE
Effective URL: https://fortiguard.fortinet.com/encyclopedia/ips/43745
Submission: On April 21 via api from OM — Scanned from DE
Form analysis 2 forms found in the DOM
GET /search
<form action="/search" method="get" class="form-check d-none ng-pristine ng-valid">
<span class="search_flat">
<label for="search_field_header" class="visually-hidden" id="label-search_field-header">Search</label>
<input id="search_field_header" type="text" class="search_field" placeholder="Search FortiGuard" name="q" required="required" autocomplete="off" aria-labelledby="label-search_field-header" value="">
<button type="submit" value=" " class="btn btn-sm" aria-label="Submit your search">
<img src="https://filestore.fortinet.com/fortiguard/static/images/icons_white/search.svg?v=26081" alt="search">
</button>
<div class="global_search-popup">
<fieldset>
<legend class="visually-hidden">Please select any available option</legend>
<div class="form-check search-popup-item">
<input type="radio" name="engine" id="all_home" class="form-check-input search-input-option" value="1" checked="checked" aria-checked="true">
<label class="form-check-label search-input-label" for="all_home"> Normal </label>
</div>
<div class="form-check search-popup-item">
<input type="radio" name="engine" id="exact_home" class="form-check-input search-input-option" value="2">
<label class="form-check-label search-input-label" for="exact_home"> Exact Match </label>
</div>
<div class="form-check search-popup-item">
<input type="radio" name="engine" id="cve_home" class="form-check-input search-input-option" value="3">
<label class="form-check-label search-input-label" for="cve_home"> CVE Lookup </label>
</div>
<div class="form-check search-popup-item">
<input type="radio" name="engine" id="threat_home" class="form-check-input search-input-option" value="4">
<label class="form-check-label search-input-label" for="threat_home"> ID Lookup </label>
</div>
<div class="form-check search-popup-item">
<input type="radio" name="engine" id="vid_home" class="form-check-input search-input-option" value="5">
<label class="form-check-label search-input-label" for="vid_home"> Zero-Day Lookup </label>
</div>
<div class="form-check search-popup-item">
<input type="radio" name="engine" id="psirt_home" class="form-check-input search-input-option" value="6">
<label class="form-check-label search-input-label" for="psirt_home"> PSIRT Lookup </label>
</div>
<div class="form-check search-popup-item">
<input type="radio" name="engine" id="repms_home" class="form-check-input search-input-option" value="8">
<label class="form-check-label search-input-label" for="repms_home"> Antispam Lookup </label>
</div>
<div class="form-check search-popup-item">
<input type="radio" name="engine" id="outbreak-alert_home" class="form-check-input search-input-option" value="9">
<label class="form-check-label search-input-label" for="outbreak-alert_home"> Outbreak Alert Lookup </label>
</div>
<div class="form-check search-popup-item">
<input type="radio" name="engine" id="url_home" class="form-check-input search-input-option" value="7">
<label class="form-check-label search-input-label" for="url_home"> IP/Domain/URL Lookup </label>
</div>
</fieldset>
</div>
</span>
</form>GET /search
<form action="/search" method="get" class="mobile-search-form col-12 ng-pristine ng-valid">
<div class="input-group">
<select class="form-select" name="engine">
<option value="1"> Normal </option>
<option value="2"> Exact Match </option>
<option value="3"> CVE Lookup </option>
<option value="4"> ID Lookup </option>
<option value="5"> Zero-Day Lookup </option>
<option value="6"> PSIRT Lookup </option>
<option value="8"> Antispam Lookup </option>
<option value="9"> Outbreak Alert Lookup </option>
<option value="7"> IP/Domain/URL Lookup </option>
</select>
<input id="search_field_header" type="text" class="form-control" placeholder="Search FortiGuard" name="q" required="required" autocomplete="off" aria-labelledby="label-search_field-header" value="">
<button class="btn btn-sm btn-outline-secondary" type="submit">
<img src="https://filestore.fortinet.com/fortiguard/static/images/icons_white/search.svg?v=26081" alt="search">
</button>
</div>
</form>Text Content
* Search
Please select any available option
Normal
Exact Match
CVE Lookup
ID Lookup
Zero-Day Lookup
PSIRT Lookup
Antispam Lookup
Outbreak Alert Lookup
IP/Domain/URL Lookup
* News / Research
NEWS/RESEARCH
RESEARCH CENTER
PSIRT CENTER
Explore latest research and threat reports on emerging cyber threats.
* Outbreak Alerts
* Threat Signal
* Security Blog
* Zero Day
Fortinet Product Security Incident Response Team (PSIRT) updates.
* Advisories
* Security Vulnerability Policy
* PSIRT Blog
* PSIRT Contact
* Services
SERVICES
BY OUTBREAK
BY SOLUTION
BY PRODUCT
PROTECT
Counter measures across the security fabric for protecting assets, data and
network.
* Anti-Recon and Anti-Exploit
* AntiSpam
* AntiVirus
* Application Control
* Anti-Botnet
* Endpoint Detection & Response
* Endpoint Vulnerability
* Operational Technology Security
* Intrusion Protection
* Sandbox Behavior Engine
* Web Application Security
* Web Filtering
DETECT
Find and correlate important information to identify an outbreak.Find and
correlate
* Anti-Recon and Anti-Exploit
* Indicators of Compromise
* Outbreak Deception
* Outbreak Detection
* Security Automation
RESPOND
Develop containment techniques to mitigate impacts of security events.Develop
containment
* FortiClient Forensics
* FortiRecon: ACI
* FortiXDR
* Incident Response
RECOVER
Improve security posture and processes by implementing security awareness and
training.
* Assessment Services
* NSE Training
* Security Awareness Training
IDENTIFY
Identify processes and assets that need protection.Identify processes and
assets that
* CNP
* Endpoint Vulnerability
* FortiRecon: BP
* FortiRecon: EASM
* FortiTester
* IoT Detection
* Pen Testing
* Security Rating
* NETWORK SECURITY
* Anti-Recon and Anti-Exploit
* Anti-Botnet
* CNP
* Data Loss Prevention
* Indicators of Compromise
* Internet Services
* Intrusion Protection
* IP Geolocation
* Secure DNS
* ENDPOINT SECURITY
* ANN and NDR
* AntiVirus
* Endpoint Detection & Response
* Endpoint Vulnerability
* IoT Detection
* Sandbox Behavior Engine
* FortiClient Outbreak Detection
* APPLICATION SECURITY
* AntiSpam
* Application Control
* Credential Stuffing Defense
* Client Application Firewall
* Operational Technology Security
* Web Application Security
* Web Filtering
* SECURITY OPERATIONS
* Breach Attack Simulation
* FortiDevSec
* FortiSIEM Outbreak Detection Service
* Outbreak Detection
* Outbreak Deception
* Pen Testing
* Security Rating
* FortiGate
* FortiAnalyzer
* FortiClient
* FortiWeb
* FortiADC
* FortiAuthenticator
* FortiCNP
* FortiDDoS
* FortiDeceptor
* FortiEDR
* empty
* FortiMail
* FortiNDR
* FortiPAM
* FortiPolicy
* FortiProxy
* FortiRecon
* FortiSandBox
* FortiSASE
* FortiSIEM
* FortiTester
* empty
* AntiVirus
* Application Control
* Anti-Botnet
* Operational Technology Security
* Intrusion Protection
* IoT Detection
* IP Geolocation
* Secure DNS
* Security Rating
* Web Filtering
* Indicators of Compromise
* Outbreak Detection
* Security Automation
* Anti-Recon and Anti-Exploit
* AntiVirus
* Application Firewall
* Anti-Botnet
* Credential Stuffing Defense
* Endpoint Vulnerability
* Intrusion Protection
* Web Filtering
* Outbreak Detection
* AntiVirus
* Application Control
* Anti-Botnet
* Credential Stuffing Defense
* IP Geolocation
* Web Application Security
* Fuzzy Webshell
* AntiVirus
* Anti-Botnet
* Credential Stuffing Defense
* Intrusion Protection
* IP Geolocation
* Web Application Security
* Web Filtering
* IP Geolocation
* Anti-Botnet
* Data Loss Prevention
* IP Geolocation
* Vulnerability
* Anti-Botnet
* Anti-Recon and Anti-Exploit
* AntiVirus
* Intrusion Protection
* Outbreak Deception
* AntiVirus
* EndPoint Detection and Response
* Endpoint Vulnerability
* Indicators of Compromise
* Web Filtering
* AntiSpam
* AntiVirus
* Web Filtering
* Network Detection and Response
* AntiVirus
* Data Loss Prevention
* Anti-Botnet
* Application Control
* Anti-Botnet
* Application Control
* Industrial Security
* Digital Risk Protection
* AntiVirus
* Intrusion Protection
* Sandbox Behavior Engine
* Web Filtering
* AntiVirus
* Application Control
* Anti-Botnet
* Data Loss Prevention
* Endpoint Vulnerability
* Intrusion Protection
* Secure DNS
* Web Filtering
* Indicators of Compromise
* IP Geolocation
* Outbreak Detection
* Breach Attack Simulation
* Threat Intelligence
THREAT INTELLIGENCE
CENTER
Browse the FortiGuard Labs extensive encyclopedia and Threat Analytics.
* Threat Encyclopedia
* Threat Analytics
* Threat Map
* Application Control Lookup
* Web Filtering Lookup
* Resources
RESOURCE CENTER
Learn about service status, publications and other available resources.
* MITRE ATT&CK Matrix
* Publications
* Security Best Practices
* FortiGuard Sample Files
* About
ABOUT
FORTIGUARD LABS
PARTNERS
AI-Powered Threat Intelligence for an Evolving Digital World.
* Premium Services
* Contact Us
* RSS Feeds
Leveraging cyber security industry partner relationships.
* Cyber Threat Alliance
* MITRE Engenuity
*
* News / Research
* Outbreak Alerts
* Threat Signal
* Security Blog
* Zero Day
* Advisories
* Security Vulnerability Policy
* PSIRT Blog
* PSIRT Contact
* Services
* Anti-Botnet
* Anti-Recon and Anti-Exploit
* Anti-Recon and Anti-Exploit
* AntiSpam
* AntiVirus
* Application Control
* Assessment Services
* CNP
* Endpoint Detection & Response
* Endpoint Vulnerability
* Endpoint Vulnerability
* FortiClient Forensics
* FortiRecon: ACI
* FortiRecon: BP
* FortiRecon: EASM
* FortiTester
* FortiXDR
* Incident Response
* Indicators of Compromise
* Intrusion Protection
* IoT Detection
* NSE Training
* Operational Technology Security
* Outbreak Deception
* Outbreak Detection
* Pen Testing
* Sandbox Behavior Engine
* Security Automation
* Security Awareness Training
* Security Rating
* Web Application Security
* Web Filtering
* Threat Lookup
* Threat Encyclopedia
* Threat Analytics
* Threat Map
* Application Control Lookup
* Web Filtering Lookup
* Resources
* MITRE ATT&CK Matrix
* Publications
* Security Best Practices
* FortiGuard Sample Files
* About
* Premium Services
* Contact Us
* RSS Feeds
* Cyber Threat Alliance
* MITRE Engenuity
* FORTINET
Normal Exact Match CVE Lookup ID Lookup Zero-Day Lookup PSIRT Lookup Antispam
Lookup Outbreak Alert Lookup IP/Domain/URL Lookup
INTRUSION PREVENTION
APACHE.STRUTS.2.JAKARTA.MULTIPART.PARSER.CODE.EXECUTION
DESCRIPTION
This indicates an attack attempt to exploit a remote Code Execution
vulnerability in Apache Struts.
The vulnerability is caused error handling issue when the application handles a
crafted HTTP request containing a malicious "Content-Type" or
"Content-Dispostion" field. A remote attacker may be able to exploit this to
execute arbitrary code within the context of the application, via a crafted
request.
AFFECTED PRODUCTS
Struts 2.3.5 - Struts 2.3.31
Struts 2.5 - Struts 2.5.10
IMPACT
System Compromise: Remote attackers can gain control of vulnerable systems.
RECOMMENDED ACTIONS
Apply the most recent upgrade or patch from the vendor.
https://cwiki.apache.org/confluence/display/WW/S2-045
https://cwiki.apache.org/confluence/display/WW/S2-046
TELEMETRY
COVERAGE
IPS (Regular DB) IPS (Extended DB)
VERSION UPDATES
Date Version Detail 2020-12-07 16.974 Sig Added 2020-05-21 15.848 Sig Added
REFERENCES
https://cwiki.apache.org/confluence/display/WW/S2-046
https://cwiki.apache.org/confluence/display/WW/S2-045
ID 43745 Created Mar 09, 2017 Updated Dec 04, 2020 Risk CVE ID CVE-2017-5638
Known Exploited Yes Exploit Prediction Score 97.53% Default Action drop Active
Affected OS All Affected App Apache
* Contact Us
* Legal
* Privacy
* Partners
* Feedback
*
*
*
*
*
Copyright © 2024 Fortinet, Inc. All Rights Reserved.
This site uses cookies. Some are essential to the operation of the site; others
help us improve the user experience. By continuing to use the site, you consent
to the use of these cookies. To learn more about cookies, please read our
privacy policy.
Accept