Security News > 2024 > December > New critical Apache Struts flaw exploited to find vulnerable servers

New critical Apache Struts flaw exploited to find vulnerable servers

2024-12-17 18:04

A recently patched critical Apache Struts 2 vulnerability tracked as CVE-2024-53677 is actively exploited using public proof-of-concept exploits to find vulnerable devices. [...]

News URL

https://www.bleepingcomputer.com/news/security/new-critical-apache-struts-flaw-exploited-to-find-vulnerable-servers/

#apache #apachestruts #critical #server #struts #CVE-2024-53677

Related news

Related Vulnerability

DATE	CVE	VULNERABILITY TITLE	RISK
2024-12-11	CVE-2024-53677	File upload logic is flawed vulnerability in Apache Struts. This issue affects Apache Struts: from 2.0.0 before 6.4.0. Users are recommended to upgrade to version 6.4.0 and migrate to the new file upload mechanism https://struts.apache.org/core-developers/file-upload . You can find more details in https://cwiki.apache.org/confluence/display/WW/S2-067	0.0

Related vendor

VENDOR	LAST 12M	#/PRODUCTS	LOW	MEDIUM	HIGH	CRITICAL	TOTAL VULNS
Apache		281	13	549	713	367	1642

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.