CVE-2017-9805
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2017-9805
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
The REST Plugin in Apache Struts 2.1.1 through 2.3.x before 2.3.34 and 2.5.x before 2.5.13 uses an XStreamHandler with an instance of XStream for deserialization without any type filtering, which can lead to Remote Code Execution when deserializing XML payloads.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Apache Struts 代码问题漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Apache Struts是美国阿帕奇(Apache)软件基金会的一个开源项目,是一套用于创建企业级Java Web应用的开源MVC框架,主要提供两个版本框架产品,Struts 1和Struts 2。REST plugin是其中的一个处理传入URL请求的插件。 Apache Struts 2.5版本至2.5.12版本和2.1.2版本至2.3.33版本的REST插件存在远程代码执行漏洞。当Struts2通过REST插件使用XStream的实例xstreamhandler处理反序列化XML有效载荷时没有进行任
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Shenlong Deep Dive — AI Deep Analysis
10-question deep dive: root cause, exploitation, mitigation, urgency. Read summary free, full version requires login.
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| Apache Software Foundation | Apache Struts | Apache Struts before 2.3.34 and 2.5.x before 2.5.13 | - |
II. Public POCs for CVE-2017-9805
| # | POC Description | Source Link | Shenlong Link |
|---|---|---|---|
| 1 | CVE 2017-9805 | https://github.com/luc10/struts-rce-cve-2017-9805 | POC Details |
| 2 | cve -2017-9805 | https://github.com/hahwul/struts2-rce-cve-2017-9805-ruby | POC Details |
| 3 | An exploit for Apache Struts CVE-2017-9805 | https://github.com/mazen160/struts-pwn_CVE-2017-9805 | POC Details |
| 4 | An exploit for Apache Struts CVE-2017-9805 | https://github.com/Lone-Ranger/apache-struts-pwn_CVE-2017-9805 | POC Details |
| 5 | Exploit script for Apache Struts2 REST Plugin XStream RCE (CVE-2017-9805) | https://github.com/0x00-0x00/-CVE-2017-9805 | POC Details |
| 6 | CVE-2017-9805 - Exploit | https://github.com/BeyondCy/S2-052 | POC Details |
| 7 | Better Exploit Code For CVE 2017 9805 apache struts | https://github.com/chrisjd20/cve-2017-9805.py | POC Details |
| 8 | Simple python script to fuzz site for CVE-2017-9805 | https://github.com/UbuntuStrike/struts_rest_rce_fuzz-CVE-2017-9805- | POC Details |
| 9 | A script to Fuzz and and exploit Apache struts CVE-2017-9805 | https://github.com/UbuntuStrike/CVE-2017-9805-Apache-Struts-Fuzz-N-Sploit | POC Details |
| 10 | None | https://github.com/AvishkaSenadheera/CVE-2017-9805---Documentation---IT19143378 | POC Details |
| 11 | Struts 2.5 - 2.5.12 REST Plugin XStream RCE | https://github.com/wifido/CVE-2017-9805-Exploit | POC Details |
| 12 | None | https://github.com/rvermeulen/apache-struts-cve-2017-9805 | POC Details |
| 13 | Exploit script for Apache Struts2 REST Plugin XStream RCE (CVE-2017-9805) | https://github.com/jongmartinez/-CVE-2017-9805- | POC Details |
| 14 | struts2-rest-showcase 2.5.10 | https://github.com/z3bd/CVE-2017-9805 | POC Details |
| 15 | CVE-2017-9805-Exploit | https://github.com/0xd3vil/CVE-2017-9805-Exploit | POC Details |
| 16 | CVE-2017-9805 POC | https://github.com/Shakun8/CVE-2017-9805 | POC Details |
| 17 | The REST Plugin in Apache Struts 2.1.1 through 2.3.x before 2.3.34 and 2.5.x before 2.5.13 uses an XStreamHandler with an instance of XStream for deserialization without any type of filtering, which can lead to remote code execution when deserializing XML payloads. | https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2017/CVE-2017-9805.yaml | POC Details |
| 18 | None | https://github.com/Threekiii/Awesome-POC/blob/master/%E4%B8%AD%E9%97%B4%E4%BB%B6%E6%BC%8F%E6%B4%9E/Apache%20Struts2%20S2-052%20%E8%BF%9C%E7%A8%8B%E4%BB%A3%E7%A0%81%E6%89%A7%E8%A1%8C%E6%BC%8F%E6%B4%9E%20CVE-2017-9805.md | POC Details |
| 19 | Example web application that run on struts2 REST plugin 2.5.8, for demonstration purpose only | https://github.com/NoSpaceAvailable/CVE-2017-9805_example_build | POC Details |
| 20 | CVE-2017-9805: Apache Struts 2 S2-052 RCE Exploit - PoC for Harvard University (OTD) | https://github.com/Fl5xia/CVE-2017-9805 | POC Details |
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2017-9805
请登录查看更多情报信息。
- https://struts.apache.org/docs/s2-052.htmlx_refsource_CONFIRM
- https://blogs.apache.org/foundation/entry/apache-struts-statement-on-equifaxx_refsource_CONFIRM
- https://cwiki.apache.org/confluence/display/WW/S2-052x_refsource_CONFIRM
- https://lgtm.com/blog/apache_struts_CVE-2017-9805x_refsource_MISC
- https://security.netapp.com/advisory/ntap-20170907-0001/x_refsource_CONFIRM
- 🔗 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170907-struts2vendor-advisoryx_refsource_CISCO
- https://nvd.nist.gov/vuln/detail/CVE-2017-9805
IV. Related Vulnerabilities
Same product: Apache Struts
- CVE-2025-68493
Apache Struts, Apache Struts: XXE vulnerability in outdated - CVE-2025-66675
Apache Struts: File leak in multipart request processing cau - CVE-2025-64775
Apache Struts: File leak in multipart request processing cau - CVE-2024-53677
Apache Struts: Mixing setters for uploaded files and normal - CVE-2023-50164
Apache Struts: File upload component had a directory travers
Same vendor: Apache Software Foundation
- CVE-2026-39816
Apache NiFi: Missing Execute Code Required Permission on Tin - CVE-2026-25199
Apache CloudStack: Proxmox Extension Allows Unauthorized Cro - CVE-2026-25077
Apache CloudStack: Unauthenticated Command Injection in Dire - CVE-2025-69233
Apache CloudStack: Domain/account resources limits not honor - CVE-2025-66467
Apache CloudStack: MinIO policy remains intact on bucket del
V. Comments for CVE-2017-9805
No comments yet