Security News > 2017 > September > Critical Flaw in Apache Struts2 Lets Hackers Take Over Web Servers (The Hackers News)
2017-09-05 11:40
Security researchers have discovered a critical remote code execution vulnerability in the popular Apache Struts web application framework, allowing a remote attacker to run malicious code on the affected servers. Apache Struts is a free, open-source, Model-View-Controller (MVC) framework for developing web applications in the Java programming language, which supports REST, AJAX, and JSON.
News URL
http://feedproxy.google.com/~r/TheHackersNews/~3/avE1jcuW1IY/apache-struts-vulnerability.html
Related news
- XE Hacker Group Exploits VeraCore Zero-Day to Deploy Persistent Web Shells (source)
- US charges Chinese hackers linked to critical infrastructure breaches (source)
- Critical RCE flaw in Apache Tomcat actively exploited in attacks (source)
- New Critical AMI BMC Vulnerability Enables Remote Server Takeover and Bricking (source)
- Critical AMI MegaRAC bug can let attackers hijack, brick servers (source)
- Stealthy Apache Tomcat Critical Exploit Bypasses Security Filters: Are You at Risk? (source)
- UAT-5918 Targets Taiwan's Critical Infrastructure Using Web Shells and Open-Source Tools (source)
- Critical Next.js auth bypass vulnerability opens web apps to compromise (CVE-2025-29927) (source)
- Critical flaw in Next.js lets hackers bypass authorization (source)
- Hijacked Microsoft web domain injects spam into SharePoint servers (source)