Security News > 2018 > August > Critical Apache Struts flaw opens enterprises to compromise, patch ASAP!
2018-08-23 14:17
A critical remote code execution vulnerability (CVE-2018-11776) in Apache Struts, the popular open source framework for developing Java-based web apps, could allow remote attackers to run malicious code on the affected servers. The vulnerability was discovered and reported by Semmle security researcher Man Yue Mo, and the company urges organizations and developers who use Struts to upgrade their Struts components immediately. “Previous disclosures of similarly critical vulnerabilities have resulted in exploits being published within a … More → The post Critical Apache Struts flaw opens enterprises to compromise, patch ASAP! appeared first on Help Net Security.
News URL
http://feedproxy.google.com/~r/HelpNetSecurity/~3/yz1uC0rJD6s/
Related news
- Patch Alert: Critical Apache Struts Flaw Found, Exploitation Attempts Detected (source)
- New critical Apache Struts flaw exploited to find vulnerable servers (source)
- Critical security hole in Apache Struts under exploit (source)
- Apache issues patches for critical Struts 2 RCE bug (source)
- Critical SQL Injection Vulnerability in Apache Traffic Control Rated 9.9 CVSS — Patch Now (source)
- Exploit released for critical WhatsUp Gold RCE flaw, patch now (source)
- Veeam Issues Patch for Critical RCE Vulnerability in Service Provider Console (source)
- BeyondTrust Issues Urgent Patch for Critical Vulnerability in PRA and RS Products (source)
- Apache warns of critical flaws in MINA, HugeGraph, Traffic Control (source)