Security News > 2024 > December > Critical security hole in Apache Struts under exploit

Critical security hole in Apache Struts under exploit

2024-12-17 21:57

You applied the patch that could stop possible RCE attacks last week, right? A critical security hole in Apache Struts 2, patched last week, is now being exploited using publicly available proof-of-concept (PoC) code.…

News URL

https://go.theregister.com/feed/www.theregister.com/2024/12/17/critical_rce_apache_struts/

#apache #apachestruts #critical #exploit #security #struts

Related news

Stealthy Apache Tomcat Critical Exploit Bypasses Security Filters: Are You at Risk? (source)
Apache Parquet exploit tool detect servers vulnerable to critical flaw (source)
Critical RCE flaw in Apache Tomcat actively exploited in attacks (source)
Ongoing Cyber Attacks Exploit Critical Vulnerabilities in Cisco Smart Licensing Utility (source)
Android Malware Exploits a Microsoft-Related Security Blind Spot to Avoid Detection (source)
Still Using an Older Version of iOS or iPadOS? Update Now to Patch These Critical Security Vulnerabilities (source)
Critical Flaw in Apache Parquet Allows Remote Attackers to Execute Arbitrary Code (source)
Critical Apache Roller Vulnerability (CVSS 10.0) Enables Unauthorized Session Persistence (source)
Critical Erlang/OTP SSH pre-auth RCE is 'Surprisingly Easy' to exploit, patch now (source)
Critical Erlang/OTP SSH RCE bug now has public exploits, patch now (source)

Related vendor

VENDOR	LAST 12M	#/PRODUCTS	LOW	MEDIUM	HIGH	CRITICAL	TOTAL VULNS
Apache		283	13	567	728	383	1691

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.