Security News > 2023 > December > Hackers are exploiting critical Apache Struts flaw using public PoC

Hackers are exploiting critical Apache Struts flaw using public PoC
2023-12-13 16:19

Hackers are attempting to leverage a recently fixed critical vulnerability in Apache Struts that leads to remote code execution, in attacks that rely on publicly available proof-of-concept exploit code.

Apache Struts is an open-source web application framework designed to streamline the development of Java EE web apps, offering a form-based interface and extensive integration capabilities.

On December 7, Apache released Struts versions 6.3.0.2 and 2.5.33 to address a critical severity vulnerability currently identified as CVE-2023-50164.

The RCE vulnerability affects Struts versions 2.0.0 through 2.3.37, Struts 2.5.0 through 2.5.32, and Struts 6.0.0 up to 6.3.0.

In a security advisory yesterday, Cisco says that it is investigating CVE-2023-50164 to determine which of its products with Apache Struts may be affected and to what extent.

HelloKitty ransomware now exploiting Apache ActiveMQ flaw in attacks.


News URL

https://www.bleepingcomputer.com/news/security/hackers-are-exploiting-critical-apache-struts-flaw-using-public-poc/

Related Vulnerability

DATE CVE VULNERABILITY TITLE RISK
2023-12-07 CVE-2023-50164 Files or Directories Accessible to External Parties vulnerability in Apache Struts
An attacker can manipulate file upload params to enable paths traversal and under some circumstances this can lead to uploading a malicious file which can be used to perform Remote Code Execution. Users are recommended to upgrade to versions Struts 2.5.33 or Struts 6.3.0.2 or greater to fix this issue.
network
low complexity
apache CWE-552
critical
9.8

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Apache 281 13 544 711 366 1634