Security News > 2018 > August > Critical Apache Struts 2 Flaw Allows Remote Code Execution
2018-08-22 16:10
Updates released on Wednesday for the Apache Struts 2 open source development framework address a critical vulnerability that can be exploited for remote code execution. The flaw, tracked as CVE-2018-11776, affects Struts 2.3 through 2.3.34, Struts 2.5 through 2.5.16, and possibly unsupported versions of the framework. read more
News URL
Related news
- New critical Apache Struts flaw exploited to find vulnerable servers (source)
- Critical security hole in Apache Struts under exploit (source)
- Patch Alert: Critical Apache Struts Flaw Found, Exploitation Attempts Detected (source)
- Apache issues patches for critical Struts 2 RCE bug (source)
- Sophos Firewall vulnerable to critical remote code execution flaw (source)
- Sophos discloses critical Firewall remote code execution flaw (source)
- Apache fixes remote code execution bypass in Tomcat web server (source)
- Critical SQL Injection Vulnerability in Apache Traffic Control Rated 9.9 CVSS — Patch Now (source)
- Apache warns of critical flaws in MINA, HugeGraph, Traffic Control (source)
- Critical RCE Flaw in GFI KerioControl Allows Remote Code Execution via CRLF Injection (source)