Security News > 2018 > September > Active Campaign Exploits Critical Apache Struts 2 Flaw in the Wild

Active Campaign Exploits Critical Apache Struts 2 Flaw in the Wild

2018-09-05 17:48

A Monero cryptomining script is spreading in an ongoing campaign using the recently disclosed critical remote command-execution flaw.

News URL

https://threatpost.com/active-campaign-exploits-critical-apache-struts-2-flaw-in-the-wild/137207/

#apache #apachestruts #critical #exploit #struts

Related news

Apache Parquet exploit tool detect servers vulnerable to critical flaw (source)
Critical Apache Roller Vulnerability (CVSS 10.0) Enables Unauthorized Session Persistence (source)
Critical Erlang/OTP SSH pre-auth RCE is 'Surprisingly Easy' to exploit, patch now (source)
Critical Erlang/OTP SSH RCE bug now has public exploits, patch now (source)
PoC exploit for critical Erlang/OTP SSH bug is public (CVE-2025-32433) (source)
Hackers Exploit Critical Craft CMS Flaws; Hundreds of Servers Likely Compromised (source)
⚡ Weekly Recap: Critical SAP Exploit, AI-Powered Phishing, Major Breaches, New CVEs & More (source)
China-Linked APTs Exploit SAP CVE-2025-31324 to Breach 581 Critical Systems Worldwide (source)
251 Amazon-Hosted IPs Used in Exploit Scan Targeting ColdFusion, Struts, and Elasticsearch (source)
Hacker selling critical Roundcube webmail exploit as tech info disclosed (source)

Related vendor

VENDOR	LAST 12M	#/PRODUCTS	LOW	MEDIUM	HIGH	CRITICAL	TOTAL VULNS
Apache		284	13	569	734	391	1707

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.