Security News > 2018 > August > Critical Apache Struts flaw opens enterprises to compromise, patch ASAP!
2018-08-23 14:17
A critical remote code execution vulnerability (CVE-2018-11776) in Apache Struts, the popular open source framework for developing Java-based web apps, could allow remote attackers to run malicious code on the affected servers. The vulnerability was discovered and reported by Semmle security researcher Man Yue Mo, and the company urges organizations and developers who use Struts to upgrade their Struts components immediately. “Previous disclosures of similarly critical vulnerabilities have resulted in exploits being published within a … More → The post Critical Apache Struts flaw opens enterprises to compromise, patch ASAP! appeared first on Help Net Security.
News URL
http://feedproxy.google.com/~r/HelpNetSecurity/~3/yz1uC0rJD6s/
Related news
- Netgear warns users to patch critical WiFi router vulnerabilities (source)
- Choose your own Patch Tuesday adventure: Start with six zero day fixes, or six critical flaws (source)
- Critical RCE flaw in Apache Tomcat actively exploited in attacks (source)
- Stealthy Apache Tomcat Critical Exploit Bypasses Security Filters: Are You at Risk? (source)
- Critical Veeam Backup & Replication RCE vulnerability fixed, patch ASAP! (CVE-2025-23120) (source)
- Critical Next.js auth bypass vulnerability opens web apps to compromise (CVE-2025-29927) (source)
- CrushFTP: Patch critical vulnerability ASAP! (CVE-2025-2825) (source)