Security News > 2018 > August > Critical Apache Struts flaw opens enterprises to compromise, patch ASAP!
2018-08-23 14:17
A critical remote code execution vulnerability (CVE-2018-11776) in Apache Struts, the popular open source framework for developing Java-based web apps, could allow remote attackers to run malicious code on the affected servers. The vulnerability was discovered and reported by Semmle security researcher Man Yue Mo, and the company urges organizations and developers who use Struts to upgrade their Struts components immediately. “Previous disclosures of similarly critical vulnerabilities have resulted in exploits being published within a … More → The post Critical Apache Struts flaw opens enterprises to compromise, patch ASAP! appeared first on Help Net Security.
News URL
http://feedproxy.google.com/~r/HelpNetSecurity/~3/yz1uC0rJD6s/
Related news
- Still Using an Older Version of iOS or iPadOS? Update Now to Patch These Critical Security Vulnerabilities (source)
- Critical Flaw in Apache Parquet Allows Remote Attackers to Execute Arbitrary Code (source)
- Fortinet Urges FortiSwitch Upgrades to Patch Critical Admin Password Change Flaw (source)
- Critical Apache Roller Vulnerability (CVSS 10.0) Enables Unauthorized Session Persistence (source)
- Critical Erlang/OTP SSH pre-auth RCE is 'Surprisingly Easy' to exploit, patch now (source)
- Critical Erlang/OTP SSH RCE bug now has public exploits, patch now (source)
- Apache Parquet exploit tool detect servers vulnerable to critical flaw (source)
- Critical Versa Concerto Flaws Let Attackers Escape Docker and Compromise Hosts (source)
- Critical Windows Server 2025 dMSA Vulnerability Enables Active Directory Compromise (source)