CVE-2017-9805

Pierluigi Paganini September 26, 2017
Oracle releases security patches for Apache Struts CVE-2017-9805 Flaw exploited in the wild

Oracle fixed several issues in the Apache Struts 2 framework including the flaw CVE-2017-9805 that has been exploited in the wild for the past few weeks. Oracle has released patches for vulnerabilities affecting many of its products, the IT giant has fixed several issues in the Apache Struts 2 framework, including the flaw CVE-2017-9805 that has been exploited […]

Pierluigi Paganini September 17, 2017
400,000 UK consumers at risk after the Equifax data breach

About 400,000 Britons may have had their information stolen following the Equifax data breach, the news was reported by the UK division of the company. More details are emerging from the recent Equifax data breach that impacted approximately 143 million U.S. consumers. The attackers exploited the CVE-2017-5638 Apache Struts vulnerability that was fixed back in March, but the company […]

Pierluigi Paganini September 15, 2017
CVE-2017-5638 Apache Struts vulnerability is the root cause behind Equifax data breach

It’s official, the Equifax data breach case was caused by the exploitation of the CVE-2017-5638 Apache Struts vulnerability. The Equifax data breach case was solved, that incident was caused by the exploitation of the CVE-2017-5638 Apache Struts vulnerability. The vulnerability affects the Jakarta Multipart parser upload function in Apache and could be exploited by an […]

Pierluigi Paganini September 11, 2017
Apache Foundation rejects allegation Equifax hackers exploited CVE-2017-9805 in Struts

Media and experts speculate Equifax Hack was the result of the exploitation of the recently discovered critical vulnerability CVE-2017-9805 in Apache Struts. Last week Equifax reported a huge data breach, hackers accessed its systems between mid-May and late July. The incident affected roughly 143 million U.S. consumers and some customers in the U.K. and Canada. […]

Pierluigi Paganini September 09, 2017
Experts observed the active exploitation of the CVE-2017-9805 Struts vulnerability

Hackers are exploiting in the wild a critical remote code execution vulnerability in Apache Struts 2, tracked as CVE-2017-9805, that was patched a few days ago. The vulnerability tracked as CVE-2017-9805 is related to the way Struts deserializes untrusted data, it affects all versions of Apache Struts since 2008, from Struts 2.5 to Struts 2.5.12. The experts warn that […]

Pierluigi Paganini September 06, 2017
Struts CVE-2017-9805 RCE flaw could be exploited to take over vulnerable servers

Critical vulnerability CVE-2017-9805 in Apache Struts could be exploited by attackers to take over affected web servers. Security researchers at LGTM (lgtm.com) have discovered a critical remote code execution vulnerability in the Apache Struts that could be exploited by a remote attacker to run malicious code on the vulnerable servers. “Security researchers at lgtm.com have discovered a critical […]