Apache Struts 2 Archives - Security Affairs

Pierluigi Paganini December 09, 2020

Apache Software Foundation fixes code execution flaw in Apache Struts 2

The Apache Software Foundation addressed a possible remote code execution vulnerability in Struts 2 related to the OGNL technology. The Apache Software Foundation has released a security update to address a “possible remote code execution” flaw in Struts 2 that is related to the OGNL technology. The remote code execution flaw, tracked as CVE-2020-17530, resides in […]

Pierluigi Paganini August 15, 2020

PoC exploit code for two Apache Struts 2 flaws available online

Security researchers have discovered a PoC exploit code available online that can be used to trigger unpatched security flaws in Apache Struts 2. Security researchers have discovered a PoC code and exploit available on GitHub that that can be used to trigger the security vulnerabilities in Apache Struts 2. The Proof-of-concept exploit code was released […]

Pierluigi Paganini August 28, 2018

Critical Apache Struts flaw CVE-2018-11776 exploited in attacks in the wild

According to the threat intelligence firm Volexity, the CVE-2018-11776 vulnerability is already being abused in malicious attacks in the wild. Just yesterday I wrote about the availability online of the exploit code for the recently discovered Critical remote code execution vulnerability CVE-2018-11776 in Apache Struts 2. The PoC code was published on GitHub and experts were warning of […]

Pierluigi Paganini March 14, 2017

Canadian agency breached as hackers exploit CVE-2017-5638 flaw in Apache Struts 2

Canada Revenue Agency confirmed it shut down its website for filing federal taxes due to a cyber attack leveraging the CVE-2017-5638 flaw in Apache Struts 2 The Canada Revenue Agency (CRA) confirmed it shut down its website for filing federal taxes after hackers broke into the server at the nation’s statistics bureau. The security breach occurred […]

Apache Struts 2

Apache Software Foundation fixes code execution flaw in Apache Struts 2

PoC exploit code for two Apache Struts 2 flaws available online

Critical Apache Struts flaw CVE-2018-11776 exploited in attacks in the wild

Canadian agency breached as hackers exploit CVE-2017-5638 flaw in Apache Struts 2

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

U.S. CISA adds CrushFTP, Google Chromium, and SysAid flaws to its Known Exploited Vulnerabilities catalog

U.S. CISA urges FCEB agencies to fix two Microsoft SharePoint flaws immediately and added them to its Known Exploited Vulnerabilities catalog

Sophos fixed two critical Sophos Firewall vulnerabilities

French Authorities confirm XSS.is admin arrested in Ukraine

Microsoft linked attacks on SharePoint flaws to China-nexus actors

QUICK LINKS

Apache Struts 2

newsletter

Subscribe to my email list and stay up-to-date!

recent articles

Subscribe to my email list and stay
up-to-date!