Attackers are trying to exploit Apache Struts vulnerability

Attackers are trying to leverage public proof-of-exploit exploit code for CVE-2023-50164, the recently patched path traversal vulnerability in Apache Struts 2.
The Shadowserver Foundation has also started noticing exploitation attempts in their sensors, though they don't see them succeeding.
CVE-2023-50164, reported by Steven Seeley of Source Incite, enables path traversal by manipulating of file upload parameters and, in some cases, may allow attackers to upload malicious files that can be used to achieve remote code execution.
It has been fixed in Apache Struts versions 2.5.33 and 6.3.0.2, and Struts 2 developers and users have been urged to upgrade as soon as possible - there are no workarounds.
A PoC exploit script has been released on December 13 by vulnerability researcher Ákos Jakab, but it works only when the target app is deployed to Apache Tomcat.


This Cyber News was published on www.helpnetsecurity.com. Publication date: Thu, 14 Dec 2023 10:43:05 +0000


Cyber News related to Attackers are trying to exploit Apache Struts vulnerability

Patch Now: Exploit Activity Mounts for Dangerous Apache Struts 2 Bug - Concerns are high over a critical, recently disclosed remote code execution vulnerability in Apache Struts 2 that attackers have been actively exploiting over the past few days. Apache Struts is a widely used open source framework for building Java ...
10 months ago Darkreading.com
Apache Warns of Critical Vulnerability in Struts 2 - Apache has warned customers of a critical remote code execution vulnerability in its popular Struts 2 framework. Apache Struts 2 is an open-source web application framework for developing Java EE web applications. The new vulnerability, ...
10 months ago Infosecurity-magazine.com
Hackers are exploiting critical Apache Struts flaw using public PoC - Hackers are attempting to leverage a recently fixed critical vulnerability in Apache Struts that leads to remote code execution, in attacks that rely on publicly available proof-of-concept exploit code. It appears that threat actors have just ...
10 months ago Bleepingcomputer.com
Hackers are Actively Exploiting Apache Struts 2 Vulnerability - Hackers are taking advantage of a Critical Apache Struts Bug's initial activity with limited IP addresses engaged in exploitation attempts. Apache is an open-source framework for creating Java EE web applications called Apache Struts. It is used by ...
10 months ago Cybersecuritynews.com
Apache Patches Critical RCE Vulnerability in Struts 2 - The Apache Software Foundation over the weekend announced security updates that address a critical-severity file upload vulnerability in the Struts 2 open source development framework, warning that it could be exploited to execute arbitrary code ...
10 months ago Securityweek.com
New RCE vulnerability in Apache Struts 2 fixed, upgrade ASAP - The Apache Struts project has released updates for the popular open-source web application framework, with fixes for a critical vulnerability that could lead to remote code execution. CVE-2023-50164 may allow an attacker to manipulate file upload ...
10 months ago Helpnetsecurity.com
1,718,000+ Apache Struts 2 Installation Open to RCE Attacks - Threat actors target Apache Struts 2 due to vulnerabilities in its code that can be exploited for unauthorized access to web applications. Exploiting these vulnerabilities allows attackers to execute arbitrary code that could lead to full system ...
9 months ago Cybersecuritynews.com
Recent Apache Struts 2 Vulnerability in Attacker Crosshairs - Threat actors have started probing internet-accessible Apache Struts 2 instances affected by a recently disclosed remote code execution flaw. The critical-severity bug, tracked as CVE-2023-50164, was disclosed a week ago, when the Apache Software ...
10 months ago Securityweek.com
Attackers are trying to exploit Apache Struts vulnerability - Attackers are trying to leverage public proof-of-exploit exploit code for CVE-2023-50164, the recently patched path traversal vulnerability in Apache Struts 2. The Shadowserver Foundation has also started noticing exploitation attempts in their ...
10 months ago Helpnetsecurity.com
Week in review: Apache Struts vulnerability exploit attempt, EOL Sophos firewalls get hotfix - SCS 9001 2.0 reveals enhanced controls for global supply chainsIn this Help Net Security interview, Mike Regan, VP of Business Performance at TIA, discusses SCS 9001 Release 2.0, a certifiable standard crafted to assist organizations in ...
10 months ago Helpnetsecurity.com
Imperva Protects Customers from CVE-2023-50164 - On December 7, 2023, Apache released a security advisory regarding CVE-2023-50164, a critical vulnerability in Apache Struts with CVSS score 9.8. Versions from 2.5.0 to 2.5.32 and 6.0.0 to 6.3.0 were affected. Apache Struts is a popular, free, ...
10 months ago Imperva.com
CVE-2018-1327 - The Apache Struts REST Plugin is using XStream library which is vulnerable and allow perform a DoS attack when using a malicious request with specially crafted XML payload. Upgrade to the Apache Struts version 2.5.16 and switch to an optional Jackson ...
3 years ago
Apache OFBiz RCE flaw exploited to find vulnerable Confluence servers - A critical Apache OFBiz pre-authentication remote code execution vulnerability is being actively exploited using public proof of concept exploits. Apache OFBiz is an open-source enterprise resource planning system many businesses use for e-commerce ...
10 months ago Bleepingcomputer.com
CVE-2012-1007 - Multiple cross-site scripting (XSS) vulnerabilities in Apache Struts 1.3.10 allow remote attackers to inject arbitrary web script or HTML via (1) the name parameter to struts-examples/upload/upload-submit.do, or the message parameter to (2) ...
6 years ago
CVE-2023-34149 - Allocation of Resources Without Limits or Throttling vulnerability in Apache Software Foundation Apache Struts.This issue affects Apache Struts: through 2.5.30, through 6.1.2. ...
1 year ago
CVE-2023-34396 - Allocation of Resources Without Limits or Throttling vulnerability in Apache Software Foundation Apache Struts.This issue affects Apache Struts: through 2.5.30, through 6.1.2. ...
1 year ago
Hackers target Apache RocketMQ servers vulnerable to RCE attacks - Security researchers are detecting hundreds of IP addresses on a daily basis that scan or attempt to exploit Apache RocketMQ services vulnerable to a remote command execution flaw identified as CVE-2023-33246 and CVE-2023-37582. Both vulnerabilities ...
10 months ago Bleepingcomputer.com
The Threat That Can't Be Ignored: CVE-2023-46604 in Apache ActiveMQ - There is another vulnerability that demands immediate attention, despite not receiving the level of recognition it truly deserves in the media. Apache ActiveMQ vulnerability, known as CVE-2023-46604, is a Remote Code Execution flaw rated at a ...
6 months ago Cybersecurity-insiders.com
Critical Apache OFBiz Vulnerability in Attacker Crosshairs - The Shadowserver Foundation has been seeing attempts to exploit a critical vulnerability affecting the Apache OFBiz open source enterprise resource planning system. Apache OFBiz is leveraged by several ERP and other types of projects, including the ...
10 months ago Securityweek.com
Critical Apache OFBiz Vulnerability in Attacker Crosshairs - The Shadowserver Foundation has been seeing attempts to exploit a critical vulnerability affecting the Apache OFBiz open source enterprise resource planning system. Apache OFBiz is leveraged by several ERP and other types of projects, including the ...
10 months ago Packetstormsecurity.com
Real-Time Data Warehousing Based on Apache Doris - This is a whole-journey guide for Apache Doris users, especially those from the financial sector, which requires a high level of data security and availability. If you don't know how to build a real-time data pipeline and make the most of the Apache ...
9 months ago Feeds.dzone.com
Impact of Apache Struts2 Code Execution Vulnerability - Recent attacks have demonstrated a significant growth in Zero Days and Remote Code Execution. In this blog, we will discuss a recently found Remote Code Execution attack in Apache Struts2. Apache Struts helps developers to create web applications in ...
10 months ago Securityboulevard.com
TellYouThePass ransomware joins Apache ActiveMQ RCE attacks - Internet-exposed Apache ActiveMQ servers are also targeted in TellYouThePass ransomware attacks targeting a critical remote code execution vulnerability previously exploited as a zero-day. The flaw, tracked as CVE-2023-46604, is a maximum severity ...
11 months ago Bleepingcomputer.com
Week in review: Booking.com hotel booking scam, Kali Linux 2023.4 released - Advanced ransomware campaigns expose need for AI-powered cyber defenseIn this Help Net Security interview, Carl Froggett, CIO at Deep Instinct, discusses emerging trends in ransomware attacks, emphasizing the need for businesses to use advanced AI ...
10 months ago Helpnetsecurity.com
CVE-2023-41835 - When a Multipart request is performed but some of the fields exceed the maxStringLength limit, the upload files will remain in struts.multipart.saveDir even if the request has been denied. Users are recommended to upgrade to versions Struts 2.5.32 or ...
11 months ago Tenable.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)