Apache Struts 2 Archives - Security Affairs

Pierluigi Paganini December 09, 2020

Apache Software Foundation fixes code execution flaw in Apache Struts 2

The Apache Software Foundation addressed a possible remote code execution vulnerability in Struts 2 related to the OGNL technology. The Apache Software Foundation has released a security update to address a “possible remote code execution” flaw in Struts 2 that is related to the OGNL technology. The remote code execution flaw, tracked as CVE-2020-17530, resides in […]

Pierluigi Paganini August 15, 2020

PoC exploit code for two Apache Struts 2 flaws available online

Security researchers have discovered a PoC exploit code available online that can be used to trigger unpatched security flaws in Apache Struts 2. Security researchers have discovered a PoC code and exploit available on GitHub that that can be used to trigger the security vulnerabilities in Apache Struts 2. The Proof-of-concept exploit code was released […]

Pierluigi Paganini August 28, 2018

Critical Apache Struts flaw CVE-2018-11776 exploited in attacks in the wild

According to the threat intelligence firm Volexity, the CVE-2018-11776 vulnerability is already being abused in malicious attacks in the wild. Just yesterday I wrote about the availability online of the exploit code for the recently discovered Critical remote code execution vulnerability CVE-2018-11776 in Apache Struts 2. The PoC code was published on GitHub and experts were warning of […]

Pierluigi Paganini March 14, 2017

Canadian agency breached as hackers exploit CVE-2017-5638 flaw in Apache Struts 2

Canada Revenue Agency confirmed it shut down its website for filing federal taxes due to a cyber attack leveraging the CVE-2017-5638 flaw in Apache Struts 2 The Canada Revenue Agency (CRA) confirmed it shut down its website for filing federal taxes after hackers broke into the server at the nation’s statistics bureau. The security breach occurred […]

Apache Struts 2

Apache Software Foundation fixes code execution flaw in Apache Struts 2

PoC exploit code for two Apache Struts 2 flaws available online

Critical Apache Struts flaw CVE-2018-11776 exploited in attacks in the wild

Canadian agency breached as hackers exploit CVE-2017-5638 flaw in Apache Struts 2

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

Google fined $314M for misusing idle Android users' data

A flaw in Catwatchful spyware exposed logins of +62,000 users

China-linked group Houken hit French organizations using zero-days

Cybercriminals Target Brazil: 248,725 Exposed in CIEE One Data Breach

Europol shuts down Archetyp Market, longest-running dark web drug marketplace

QUICK LINKS

Apache Struts 2

newsletter

Subscribe to my email list and stay up-to-date!

recent articles

Subscribe to my email list and stay
up-to-date!