Apache Struts Vulnerability Exploited in the Wild

  • 9 March 2017

By Eduard Kovacs on March 09, 2017
 
A high severity remote code execution (RCE) vulnerability affecting the Apache Struts 2 framework has been exploited in the wild, warns Cisco’s Talos intelligence and research group.

The vulnerability, tracked as CVE-2017-5638, can be triggered when performing file uploads with the Jakarta Multipart parser. The security hole, caused due to improper handling of the Content-Type header, allows a remote, unauthenticated attacker to execute OS commands on the targeted system.

The flaw affects Struts 2.3.5 through 2.3.31 and Struts 2.5 through 2.5.10, and it was addressed on March 6 with the release of versions 2.3.32 and 2.5.10.1.
 
Full Article
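
The affected and fixed version ranges quoted above can be turned into an inventory check. This is an added example, not part of the original post or the article it quotes. It assumes the jars keep the standard `struts2-core-<version>.jar` file name, and the sample paths are constructed.

```python
import re

# Affected ranges as stated in the article (inclusive):
#   2.3.5 through 2.3.31, and 2.5 through 2.5.10.
# Fixed releases: 2.3.32 and 2.5.10.1.
AFFECTED_RANGES = [((2, 3, 5), (2, 3, 31)), ((2, 5), (2, 5, 10))]

# Assumption: the jar keeps its standard artifact name, struts2-core-<version>.jar.
JAR_RE = re.compile(r"struts2-core-(\d+(?:\.\d+)*)\.jar$")


def _key(parts, width=4):
    """Pad a version tuple with zeros so 2.5 and 2.5.0.0 compare equal."""
    return tuple(parts) + (0,) * (width - len(parts))


def is_affected(version):
    """True if a dotted numeric version falls inside an affected range."""
    v = _key(tuple(int(p) for p in version.split(".")))
    return any(_key(lo) <= v <= _key(hi) for lo, hi in AFFECTED_RANGES)


def audit(paths):
    """Return (path, version, status) for every Struts 2 core jar in paths."""
    findings = []
    for path in paths:
        m = JAR_RE.search(path)
        if not m:
            continue  # not a Struts 2 core jar
        version = m.group(1)
        status = "AFFECTED" if is_affected(version) else "not affected"
        findings.append((path, version, status))
    return findings


# Constructed sample inventory (for instance, a listing of WEB-INF/lib directories).
SAMPLE_PATHS = [
    "/opt/app1/WEB-INF/lib/struts2-core-2.3.31.jar",
    "/opt/app2/WEB-INF/lib/struts2-core-2.3.32.jar",
    "/opt/app3/WEB-INF/lib/struts2-core-2.5.10.jar",
    "/opt/app4/WEB-INF/lib/struts2-core-2.5.10.1.jar",
    "/opt/app5/WEB-INF/lib/commons-fileupload-1.3.2.jar",
]

if __name__ == "__main__":
    for path, version, status in audit(SAMPLE_PATHS):
        print(f"{status:13} {version:9} {path}")
```

"not affected" here only means the version is outside the ranges named for CVE-2017-5638.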

1 reply

By Michael Mimoso March 10, 2017
 
Malicious traffic stemming from exploits against the Apache Struts 2 vulnerability disclosed and patched this week has tapered off since Wednesday.
 
Researchers at Rapid7 published an analysis of data collected from its honeypots situated on five major cloud providers and a number of private networks that shows a couple of dozen sources have targeted this vulnerability, but only two, originating in China, have actually sent malicious commands.
 
Full Article
