Apache Struts, an open-source Model-View-Controller (MVC) framework, is vulnerable to a critical vulnerability that may lead to remote code execution. Tracked as CVE-2023-50164, the vulnerability has been addressed with security updates released by Apache.
Tag: Apache Struts 2
Apache Struts 2 Remote Code Execution Vulnerability (CVE-2019-0230, CVE-2019-0233)
Apache Struts Security Team has addressed two possible RCE bugs – CVE-2019-0230 and CVE-2019-0233 in their latest advisories published on August 13, 2020. Description Struts 2 is an open source coding framework for companies to create Java-based applications. The installations of Apache Struts 2, which are outdated, can be tentatively used to exploit CVE-2019-0230 as … Continue reading “Apache Struts 2 Remote Code Execution Vulnerability (CVE-2019-0230, CVE-2019-0233)”
Apache Struts 2 namespace Remote Code Execution Vulnerability: CVE-2018-11776
A remote code execution vulnerability was discovered in Apache Struts 2. The vulnerability in being tracked via CVE-2018-11776. Upon successful exploitation an attacker can gain remote execution on the target and ultimately take over the target machine. The issue affect all versions of Apache Struts 2, possibly even fixed versions where the settings are mis-configured. Apache has … Continue reading “Apache Struts 2 namespace Remote Code Execution Vulnerability: CVE-2018-11776”