ATTACK [PTsecurity] Apache Struts < 2.3.32 < 2.5.10.1 RCE through Jakarta Multipart parser Attempt
Sourceptrules/open
Fileptopen-attacks.rules
CreatedJuly 24, 2025
UpdatedJuly 24, 2025
Classificationattempted-admin
alert http any any -> any any (msg:"ATTACK [PTsecurity] Apache Struts < 2.3.32 < 2.5.10.1 RCE through Jakarta Multipart parser Attempt"; flow:established, to_server ; content:"%{"; fast_pattern; http_header; content:"multipart/form-data"; http_header; content:"#_memberAccess"; http_header; content:"@java"; http_header; reference:cve, 2017-5638 ; reference:url, paper.seebug.org/241/ ; reference:url, rules.ptsecurity.com ; classtype:attempted-admin; sid:10001065; rev:3;)
References
Comments (0)
Please sign in to leave a comment.
Sign inNo comments yet. Be the first to comment!