Attackers are trying to leverage public proof-of-concept exploit code for CVE-2023-50164, the recently patched path traversal vulnerability in Apache Struts 2.
The Shadowserver Foundation has also started noticing exploitation attempts in their sensors, though they don't see them succeeding.
CVE-2023-50164, reported by Steven Seeley of Source Incite, enables path traversal through manipulation of file upload parameters and, in some cases, may allow attackers to upload malicious files that can be used to achieve remote code execution.
It has been fixed in Apache Struts versions 2.5.33 and 6.3.0.2, and Struts 2 developers and users have been urged to upgrade as soon as possible - there are no workarounds.
A PoC exploit script was released on December 13 by vulnerability researcher Ákos Jakab, but it works only when the target app is deployed to Apache Tomcat.
This Cyber News was published on www.helpnetsecurity.com. Publication date: Thu, 14 Dec 2023 10:43:05 +0000