Security Vulnerability Discovered in Apache Struts

Apache Struts 2, an open-source platform widely used in web applications, has been found to contain a new security vulnerability (CVE-2023-50164). This vulnerability allows attackers to upload and execute malicious files on the server, posing a serious threat to the system’s security.

By exploiting this vulnerability, attackers can manipulate weaknesses in the file upload process, gain control of the server, upload files to incorrect locations, and remotely execute malicious code. This creates significant risks for the affected system.

To protect against this vulnerability, it is strongly recommended to update Apache Struts to one of the following versions immediately:

Apache Struts 2.5.33
Apache Struts 6.3.0.2 or later

There are no temporary fixes available for this vulnerability, making an immediate system update essential. Additionally, it is advised to review file upload configurations, implement Web Application Firewalls (WAF), and regularly monitor application activities for suspicious behavior.

Computer Emergency
Response Team

Computer Emergency
Response Team

Security Vulnerability Discovered in Apache Struts

“NotLockBit” — A New Ransomware Targeting Windows and macOS Systems

Hackers Actively Exploiting Vulnerability in FortiClient EMS

GitHub Launches “Copilot Free” Service for All Developers