CyberSecurity news

Aaron Linskens (alinskens@sonatype.com), 2024 Sonatype Blog - 77d


References:
  • isc.sans.edu: Exploit attempts inspired by recent Struts2 File Upload Vulnerability (CVE-2024-53677, CVE-2023-50164), (Sun, Dec 15th)
  • nsfocusglobal.com: Apache Struts Arbitrary File Upload Vulnerability S2-067 (CVE-2024-53677)
  • gbhackers.com: Hackers Exploiting Apache Struts2 Vulnerability to Upload Malicious Payloads
  • securityonline.info: Hackers exploit critical Apache Struts RCE flaw (CVE-2024-53677) after PoC exploit release
  • securityonline.info: The Apache Software Foundation has released security updates addressing two vulnerabilities in Apache Tomcat, a widely used open-source web server and servlet container.
  • The Hacker News: Threat actors are attempting to exploit a recently disclosed security flaw impacting Apache Struts that could pave the way for remote code execution.
  • BleepingComputer: A recently patched critical Apache Struts 2 vulnerability tracked as CVE-2024-53677 is actively exploited using public proof-of-concept exploits to find vulnerable devices.
  • community.emergingthreats.net: ET WEB_SPECIFIC_APPS Apache Struts2 Path Traversal Attempt Inbound M2 (CVE-2024-53677)
  • Latest from TechRadar: A critical vulnerability in the Apache Struts 2 application framework is now under active exploitation, security researchers have warned, urging …
  • cyble.com: ACSC Warns of Remote Code Execution Risk in Apache Struts2
  • Security Risk Advisors: Critical Path Traversal Vulnerability in Apache Struts Enables Remote Code Execution Via File Upload
  • securityaffairs.com: Threat actors are attempting to exploit Apache Struts vulnerability CVE-2024-53677
  • www.heise.de: Patch now! Attackers exploit critical security vulnerability in Apache Struts. The upload function of Apache Struts is faulty and attackers can upload malicious code. Security researchers warn of attacks.
  • cwiki.apache.org: Critical Path Traversal Vulnerability in Apache Struts Enables Remote Code Execution Via File Upload
  • Security Boulevard: An Apache Tomcat web server vulnerability has been published, exposing the platform to remote code execution through a race condition failure.
  • www.mail-archive.com: Apache Tomcat security advisory, 17 December 2024 (CVSS 9.8, critical): RCE (remote code execution) due to a TOCTOU (time-of-check to time-of-use) issue in JSP compilation. No mention of exploitation.
  • Open Source Security: CVE-2024-56337: Apache Tomcat: RCE due to TOCTOU issue in JSP compilation - CVE-2024-50379 mitigation was incomplete
  • 2024 Sonatype Blog: CVE-2024-53677: A critical file upload vulnerability in Apache Struts2
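The Struts advisory and the Emerging Threats signature in the list above describe the same primitive: a multipart upload whose stored file name can be steered with `..` path segments. As an added example, not code from any of the sources listed nor from Apache, the following Python scans a multipart/form-data body for traversal sequences in `filename` attributes and in plain form-field values (the two places such a name can arrive), and shows the basename-only normalisation an upload handler should apply before writing to disk. Both request bodies are constructed here, and the field name `top.uploadFileName` is an assumed stand-in for whatever parameter an application maps to the stored file name.

```python
import posixpath
import re
from typing import Dict, List, Optional
from urllib.parse import unquote

# A ".." path segment, with either slash style, anywhere in the string.
TRAVERSAL = re.compile(r"(^|[\\/])\.\.([\\/]|$)")


def parse_multipart(body: bytes, boundary: str) -> List[Dict[str, Optional[str]]]:
    """Minimal multipart/form-data splitter (no nested multiparts, no transfer encodings).

    Returns one dict per part: the field name, the filename attribute
    (None for plain fields) and the part body decoded as latin-1.
    """
    delim = b"--" + boundary.encode("ascii")
    parts = []
    for chunk in body.split(delim)[1:]:
        if chunk.strip() in (b"", b"--"):          # closing delimiter
            continue
        head, _, data = chunk.lstrip(b"\r\n").partition(b"\r\n\r\n")
        headers = {}
        for line in head.decode("latin-1").split("\r\n"):
            key, _, val = line.partition(":")
            headers[key.strip().lower()] = val.strip()
        disp = headers.get("content-disposition", "")
        name = re.search(r'(?:^|[;\s])name="([^"]*)"', disp)   # not the inner part of filename=
        fname = re.search(r'filename="([^"]*)"', disp)
        parts.append({
            "name": name.group(1) if name else None,
            "filename": fname.group(1) if fname else None,
            "value": data.rstrip(b"\r\n").decode("latin-1"),
        })
    return parts


def scan_request(body: bytes, boundary: str) -> List[Dict[str, str]]:
    """Flag parts whose filename attribute, or whose plain-field value, carries a '..' segment.

    Values are percent-decoded first so %2e%2e variants are caught as well.
    """
    findings = []
    for part in parse_multipart(body, boundary):
        if part["filename"] is not None:
            where, text = "filename", part["filename"]
        else:
            where, text = "value", part["value"]
        if TRAVERSAL.search(unquote(text)):
            findings.append({"field": part["name"] or "", "where": where, "text": text})
    return findings


def safe_upload_name(client_name: str) -> str:
    """Keep only the last path component of a client-supplied file name.

    Backslashes count as separators too, and names that collapse to nothing,
    '.' or '..' are rejected rather than silently repaired.
    """
    base = posixpath.basename(unquote(client_name).replace("\\", "/"))
    if base in ("", ".", ".."):
        raise ValueError(f"unusable upload name: {client_name!r}")
    return base


# Constructed request bodies, not captured traffic. The field name
# top.uploadFileName is an assumption standing in for whatever parameter
# the target application maps to the stored file name.
BOUNDARY = "----WebKitFormBoundaryExample"
_D = ("--" + BOUNDARY).encode("ascii")

MALICIOUS_BODY = b"".join([
    _D, b"\r\n",
    b'Content-Disposition: form-data; name="upload"; filename="shell.jsp"\r\n',
    b"Content-Type: application/octet-stream\r\n\r\n",
    b"<% out.println(1); %>\r\n",
    _D, b"\r\n",
    b'Content-Disposition: form-data; name="top.uploadFileName"\r\n\r\n',
    b"../../webapps/ROOT/shell.jsp\r\n",
    _D, b"--\r\n",
])

BENIGN_BODY = b"".join([
    _D, b"\r\n",
    b'Content-Disposition: form-data; name="upload"; filename="report.pdf"\r\n',
    b"Content-Type: application/pdf\r\n\r\n",
    b"%PDF-1.4 ...\r\n",
    _D, b"\r\n",
    b'Content-Disposition: form-data; name="description"\r\n\r\n',
    b"Q4 numbers\r\n",
    _D, b"--\r\n",
])

if __name__ == "__main__":
    for label, body in (("malicious", MALICIOUS_BODY), ("benign", BENIGN_BODY)):
        print(label, scan_request(body, BOUNDARY))
    print(safe_upload_name("../../webapps/ROOT/shell.jsp"))
```

Run against the malicious body the scanner reports only the plain field carrying `../../webapps/ROOT/shell.jsp`; the file part itself looks ordinary, which is why a rule that inspects just the `filename` attribute misses this class of request. On the handling side, `safe_upload_name` is the shape of fix to apply regardless of framework version: take the basename, treat both slash styles as separators, and refuse names that collapse to nothing.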
Classification:
  • HashTags: #Apache #Struts2 #Tomcat
  • Company: Apache
  • Target: Apache Struts2 and Tomcat users
  • Product: Struts2 and Tomcat
  • Feature: Remote Code Execution
  • Malware: CVE-2024-53677, CVE-2024-50379, CVE-2024-54677
  • Type: Vulnerability
  • Severity: Critical