Recent attacks have shown a significant growth in zero-day exploits and Remote Code Execution.
In this blog, we will discuss a recently found Remote Code Execution vulnerability in Apache Struts2.
Apache Struts helps developers create web applications in Java.
On December 7th, the Apache Software Foundation disclosed a critical vulnerability in Apache Struts2, named CVE-2023-50164.
At its core, CVE-2023-50164 is a flaw in Struts2's file upload logic that lets an attacker place a malicious file on the server.
The true nightmare unfolds when you realize this malicious file can then be executed.
Yes, you read that right - Remote Code Execution is on the table.
The vulnerability is triggered through parameter pollution: an attacker changes the case of the original upload parameter and adds additional parameters in lowercase.
This overrides the internal file name variable, and that is what allows the exploit to succeed and the attacker to gain Remote Code Execution.
Struts2 boasts a wide user base, powering enterprise applications, government websites, and private businesses.
Scan Your Environment: Conduct a thorough scan of your systems to identify any applications running vulnerable versions of Struts2.
Monitor for Suspicious Activity: Implement security monitoring tools and SIEM solutions to detect any suspicious activity that might indicate an attempted exploit.
Raise Awareness: Train your employees and developers about the vulnerability and the importance of patching.
A layered security approach is key to truly mitigating the risks posed by vulnerabilities like CVE-2023-50164.
Implement Input Validation: Validate all user input to prevent malicious code from being uploaded or executed.
Restrict File Extensions: Limit the types of files that can be uploaded to only those necessary for your application.
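The two checks above, applied to the parameter-pollution pattern described earlier, as an added example that is not part of the original post or the Struts project: it flags a request in which the same field name arrives in more than one letter case, and it rejects any upload file name that is not a bare name with an allow-listed extension. The allowed extensions, the `...FileName` field convention and the sample requests are assumptions.

```python
import os
import re
from collections import defaultdict

# Assumption: the extensions this application actually needs (adjust per deployment).
ALLOWED_EXTENSIONS = {"png", "jpg", "pdf"}
SAFE_NAME = re.compile(r"[A-Za-z0-9][A-Za-z0-9._-]*")

def case_collisions(params):
    """Return lower-cased field names that arrived under more than one spelling of case."""
    spellings = defaultdict(set)
    for name, _ in params:
        spellings[name.lower()].add(name)
    return sorted(k for k, v in spellings.items() if len(v) > 1)

def validate_upload_filename(filename):
    """Accept only a bare file name (no directory part) with an allow-listed extension."""
    if not filename or "\x00" in filename:
        return False
    if "/" in filename or "\\" in filename or filename != os.path.basename(filename):
        return False
    if SAFE_NAME.fullmatch(filename) is None:
        return False
    if "." not in filename:
        return False
    return filename.rsplit(".", 1)[1].lower() in ALLOWED_EXTENSIONS

def assess_request(params):
    """Findings for one request's multipart fields (assumption: the file name field ends in 'FileName')."""
    findings = []
    collisions = case_collisions(params)
    if collisions:
        findings.append("parameter supplied in more than one letter case: " + ", ".join(collisions))
    for name, value in params:
        if name.lower().endswith("filename") and not validate_upload_filename(value):
            findings.append(f"rejected file name {value!r} in field {name!r}")
    return findings

# Constructed sample requests as (field name, value) pairs; not real traffic.
BENIGN = [("Upload", "<file bytes>"), ("UploadFileName", "report.pdf")]
SUSPICIOUS = [("Upload", "<file bytes>"), ("UploadFileName", "report.pdf"),
              ("uploadfilename", "sub/dir/page.jsp")]

if __name__ == "__main__":
    for label, req in (("benign", BENIGN), ("suspicious", SUSPICIOUS)):
        print(label, assess_request(req) or ["no findings"])
```

In a web application firewall or SIEM rule, the case-collision check is the cheaper signal, since it needs only the field names of a multipart request.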
CVE-2023-50164 is a critical vulnerability with potentially destructive consequences, and organizations running Apache Struts2 have a critical need to address it.
Kratikal, a CERT-In empanelled auditor, is an essential component in the battle against cyber threats, providing cybersecurity solutions through Governance, Risk, and Compliance to identify, stop, and minimize vulnerabilities.
Kratikal helps businesses defend against ever-evolving threats by providing them with proactive defense, security training, and sophisticated scanning tools.
This Cyber News was published on securityboulevard.com. Publication date: Sat, 23 Dec 2023 07:13:04 +0000