Risk Rating: CRITICAL
CVSS Score: 9.8
Vulnerability Type: Remote Code Execution (RCE)
CVE Identifier: CVE-2023-50164
Exploitation Status: Actively exploited.
Affected Version: Struts 2.0.0-2.3.37(EOL), 6.0.0-6.3.0.1, 2.0.0-2.5.32.
Link: Apache.org
Recently discovered, CVE-2023-50164 reveals a critical flaw in Apache Struts that could allow hackers to execute code remotely by manipulating file upload settings. Actively exploited, this poses an imminent threat demanding quick action. It significantly jeopardizes services relying on Apache Struts, emphasizing the urgent need for updates to versions 6.3.0.2 or 2.5.33. With an easily accessible proof of concept on GitHub, web applications should undergo thorough assessments to prevent potential exploits. The urgency is crucial, impacting various sectors and requiring customized advisories for affected vendors. Take prompt action to secure your systems.
Introducing ISO 42001 – the world’s first international management system standard focused specifically on AI.…
Data breaches and cyberattacks have become daily concerns for information security professionals and business leaders.…
It is an undeniable fact that all applications and infrastructures are essentially in need of…
