FlagThis

CyberSecurity updates
2024-12-27 04:13:11 Pacfic
alinskens@sonatype.com (Aaron Linskens) @ 2024 Sonatype Blog
Critical Apache Struts2 and Tomcat Flaws - 10d
Read more: www.sonatype.com

Multiple critical vulnerabilities have been discovered in Apache Struts2 and Tomcat, including a path traversal vulnerability in Struts2 (CVE-2024-53677) that can lead to remote code execution, and two vulnerabilities in Apache Tomcat (CVE-2024-50379 and CVE-2024-54677) that can cause remote code execution and denial of service respectively. These vulnerabilities stem from issues like Time-of-check Time-of-use (TOCTOU) race conditions during JSP compilation in Tomcat and the ability to upload files into restricted directories in Struts2, allowing attackers to potentially compromise affected systems. Users are urged to apply the available patches immediately.

Original img attribution: https://www.sonatype.com/hubfs/tech_text.png
ImgSrc: www.sonatype.com
References:
  • SANS Internet Storm Center, InfoCON - Exploit attempts inspired by recent Struts2 File Upload Vulnerability (CVE-2024-53677, CVE-2023-50164), (Sun, Dec 15th) - 11d
  • Malware Analysis, News and Indicators - Exploit attempts inspired by recent Struts2 File Upload Vulnerability (CVE-2024-53677, CVE-2023-50164), (Sun, Dec 15th) - 11d
  • NSFOCUS, Inc., a global network and cyber security leader, protects enterprises and carriers from ad - Apache Struts Arbitrary File Upload Vulnerability S2-067 (CVE-2024-53677) - 11d
  • GBHackers Security - Hackers Exploiting Apache Struts2 Vulnerability to Upload Malicious Payloads - 10d
  • Vulnerability Archives - Hackers exploit critical Apache Struts RCE flaw (CVE-2024-53677) after PoC exploit release - 10d
  • Vulnerability Archives - The Apache Software Foundation has released important security updates to address two vulnerabilities in Apache Tomcat, a widely-used open-source web server, and servlet container. - 8d
  • The Hacker News - Threat actors are attempting to exploit a recently disclosed security flaw impacting Apache Struts that could pave the way for remote code execution. - 8d
  • @BleepingComputer - A recently patched critical Apache Struts 2 vulnerability tracked as CVE-2024-53677 is actively exploited using public proof-of-concept exploits to find vulnerable devices. - 8d
  • Over Security - A recently patched critical Apache Struts 2 vulnerability tracked as CVE-2024-53677 is actively exploited using public proof-of-concept exploits to find vulnerable devices. - 8d
  • Ruleset Updates - ET WEB_SPECIFIC_APPS Apache Struts2 Path Traversal Attempt Inbound M2 (CVE-2024-53677) - 8d
  • Latest from TechRadar - A critical vulnerability in the Apache Struts 2 application framework is now under active exploitation, security researchers have warned, urging … - 8d
  • Over Security - ACSC Warns of Remote Code Execution Risk in Apache Struts2 - 8d
  • Malware Analysis, News and Indicators - ACSC Warns of Remote Code Execution Risk in Apache Struts2 - 8d
  • Security Risk Advisors - Critical Path Traversal Vulnerability in Apache Struts Enables Remote Code Execution Via File Upload - 7d
  • Security Archives - Threat actors are attempting to exploit Apache Struts vulnerability CVE-2024-53677 - 7d
  • www.heise.de - Patch now! Attackers exploit critical security vulnerability in Apache Struts The upload function of Apache Struts is faulty and attackers can upload malicious code. Security researchers warn of attac - 7d
  • cwiki.apache.org - Critical Path Traversal Vulnerability in Apache Struts Enables Remote Code Execution Via File Upload - 7d
  • @heiseonlineenglish - Patch now! Attackers exploit critical security vulnerability in Apache Struts The upload function of Apache Struts is faulty and attackers can upload malicious code. Security researchers warn of attac - 7d
  • Security Boulevard - An Apache Tomcat web server vulnerability has been published, exposing the platform to remote code execution through a race condition failure. - 7d
  • @screaminggoat - Apache Tomcat security advisory 17 December 2024 (9.8 critical) RCE (remote code execution) due to TOCTOU (time-of-check to time-of-use) issue in JSP compilation. - 7d
  • www.mail-archive.com - Apache Tomcat security advisory 17 December 2024 (9.8 critical) RCE (remote code execution) due to TOCTOU (time-of-check to time-of-use) issue in JSP compilation. No mention of exploitation. - 7d
  • Open Source Security - CVE-2024-56337: Apache Tomcat: RCE due to TOCTOU issue in JSP compilation - CVE-2024-50379 mitigation was incomplete - 5d
  • 2024 Sonatype Blog - CVE-2024-53677: A critical file upload vulnerability in Apache Struts2 - 5d

Classification:
  • HashTags: Apache Struts2 Tomcat
  • Company: Apache
  • Target: Apache Struts2 and Tomcat users
  • Product: Struts2 and Tomcat
  • Feature: Remote Code Execution
  • Type: Vulnerability
  • Severity: Critical

This site is an experimental news aggregator using feeds I personally follow. You can provide me feedback using this form or using Bluesky.