Security News > 2017 > September > Critical Flaw in Apache Struts2 Lets Hackers Take Over Web Servers (The Hackers News)
2017-09-05 11:40
Security researchers have discovered a critical remote code execution vulnerability in the popular Apache Struts web application framework, allowing a remote attacker to run malicious code on the affected servers. Apache Struts is a free, open-source, Model-View-Controller (MVC) framework for developing web applications in the Java programming language, which supports REST, AJAX, and JSON.
News URL
http://feedproxy.google.com/~r/TheHackersNews/~3/avE1jcuW1IY/apache-struts-vulnerability.html
Related news
- Rackspace internal monitoring web servers hit by zero-day (source)
- Critical Zimbra RCE flaw exploited to backdoor servers using emails (source)
- Critical Apache Avro SDK Flaw Allows Remote Code Execution in Java Applications (source)
- US, UK warn of Russian APT29 hackers targeting Zimbra, TeamCity servers (source)
- CISA: Hackers abuse F5 BIG-IP cookies to map internal servers (source)
- Finland seizes servers of 'Sipultie' dark web drugs market (source)
- GitHub Patches Critical Flaw in Enterprise Server Allowing Unauthorized Instance Access (source)
- Iranian hackers act as brokers selling critical infrastructure access (source)
- VMware Releases vCenter Server Update to Fix Critical RCE Vulnerability (source)
- VMware fixes critical vCenter Server RCE bug – again! (CVE-2024-38812) (source)