Signature Detail

HTTP: Apache Struts FilterDispatcher and DefaultStaticContentLoader Classes Directory Traversal

This signature detects attempts to exploit a known directory traversal vulnerability in the Apache Struts. It is due to an input validation error in Struts that does not properly sanitize the URI for directory traversal patterns. Successful exploitation allows unauthenticated remote attackers to disclose or access arbitrary files on the vulnerable server. The target will not exhibit any unusual behaviour as a result of this attack. A successful attack will allow the attacker to gain access to restricted files. This may lead to disclosure of sensitive information.