1. Symantec/
  2. Security Response/
  3. Attack Signatures/
  4. Web Attack: Malicious OGNL Expression Upload

Web Attack: Malicious OGNL Expression Upload

Severity: High

This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.

Description

This signature detects malicious OGNL expressions that can result in remote code execution.

Additional Information

OGNL expression can be used to get or set properties of Java object. OGNL expression can be used maliciously to execute arbitrary code on the target machine.

Affected

  • Various Apache Struts instances.

Response


  • Twitter
  • Facebook
  • LinkedIn
  • Google+
  • YouTube