RCE in Apache Software Foundation Struts
CVE-2021-31805
The fix issued for CVE-2020-17530 was incomplete. So from Apache Struts 2.0.0 to 2.5.29, some of the tag's attributes could still perform a double evaluation if a developer applied forced OGNL evaluation by using the %{...} syntax. Using f…
Vulnerability class: Log4Shell (CVE-2021-44228)
EPSS: 0.938 (99.9th percentile)
Affected products
- Apache Software Foundation Struts — versions 2.0.0 to 2.5.29
Weakness classification (CWE)
Public proof-of-concept exploits
References
- cwiki.apache.org/confluence/display/WW/S2-062
- [oss-security] 20220412 CVE-2021-31805: Apache Struts: Forced OGNL evaluation, when evaluated on raw not validated user input in tag attributes, may lead to RCE. (mailing list)
- www.oracle.com/security-alerts/cpujul2022.html
- security.netapp.com/advisory/ntap-20220420-0001/
Frequently asked questions
- What is CVE-2021-31805?
- CVE-2021-31805 is a vulnerability in Apache Software Foundation Struts, classified under Improper Neutralization of Special Elements used in an Expression Language Statement (Expression Language Injection). Published 2022-04-12.
- Is CVE-2021-31805 known to be exploited?
- 45 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.