CVE-2017-9805

8.1 HIGH CISA KEV - Actively Exploited
Published: September 15, 2017 Modified: October 22, 2025
View on NVD

Description

The REST Plugin in Apache Struts 2.1.1 through 2.3.x before 2.3.34 and 2.5.x before 2.5.13 uses an XStreamHandler with an instance of XStream for deserialization without any type filtering, which can lead to Remote Code Execution when deserializing XML payloads.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

Login to generate AI explanation

CVSS v3.x Details

0.0 Low Medium High Critical 10.0
Vector String
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory
http://www.oracle.com/technetwork/security-advisory/alert-cve-2017-9805-3889403.html
Source: security@apache.org
Patch Third Party Advisory
http://www.securityfocus.com/bid/100609
Source: security@apache.org
Broken Link Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1039263
Source: security@apache.org
Broken Link Third Party Advisory VDB Entry
https://blogs.apache.org/foundation/entry/apache-struts-statement-on-equifax
Source: security@apache.org
Vendor Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=1488482
Source: security@apache.org
Issue Tracking Third Party Advisory VDB Entry
https://cwiki.apache.org/confluence/display/WW/S2-052
Source: security@apache.org
Mitigation Vendor Advisory
https://lgtm.com/blog/apache_struts_CVE-2017-9805
Source: security@apache.org
Broken Link
https://security.netapp.com/advisory/ntap-20170907-0001/
Source: security@apache.org
Third Party Advisory
https://struts.apache.org/docs/s2-052.html
Source: security@apache.org
Mitigation Vendor Advisory
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170907-struts2
Source: security@apache.org
Third Party Advisory
https://www.exploit-db.com/exploits/42627/
Source: security@apache.org
Exploit Third Party Advisory VDB Entry
https://www.kb.cert.org/vuls/id/112992
Source: security@apache.org
Third Party Advisory US Government Resource
http://www.oracle.com/technetwork/security-advisory/alert-cve-2017-9805-3889403.html
Source: af854a3a-2127-422b-91ae-364da2661108
Patch Third Party Advisory
http://www.securityfocus.com/bid/100609
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1039263
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link Third Party Advisory VDB Entry
https://blogs.apache.org/foundation/entry/apache-struts-statement-on-equifax
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=1488482
Source: af854a3a-2127-422b-91ae-364da2661108
Issue Tracking Third Party Advisory VDB Entry
https://cwiki.apache.org/confluence/display/WW/S2-052
Source: af854a3a-2127-422b-91ae-364da2661108
Mitigation Vendor Advisory
https://lgtm.com/blog/apache_struts_CVE-2017-9805
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link
https://security.netapp.com/advisory/ntap-20170907-0001/
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
https://struts.apache.org/docs/s2-052.html
Source: af854a3a-2127-422b-91ae-364da2661108
Mitigation Vendor Advisory
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170907-struts2
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
https://www.exploit-db.com/exploits/42627/
Source: af854a3a-2127-422b-91ae-364da2661108
Exploit Third Party Advisory VDB Entry
https://www.kb.cert.org/vuls/id/112992
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory US Government Resource
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2017-9805
Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0

25 reference(s) from NVD

Quick Stats

CVSS v3 Score
8.1 / 10.0
EPSS (Exploit Probability)
94.3%
100th percentile
Exploitation Status
Actively Exploited
Remediation due: 2022-05-03

Weaknesses (CWE)

CWE-502 CWE-502

Affected Vendors

apache cisco netapp

Related CVEs

CVE-2025-52691 10.0
CVE-2025-15168 7.3
CVE-2025-15167 7.3
CVE-2025-15166 7.3
CVE-2025-15165 7.3