Attack

Hackers are using a public PoC to exploit an Apache Struts flaw

Take action: If you are using Apache Struts, update to version 2.5.33 or 6.3.0.2 ASAP. The public PoC makes exploitation almost automatic. Also start checking which of your devices or vendor products use Apache Struts, because those will be targets.


Learn More

Cybercriminals are using publicly accessible proof-of-concept exploit code to attack a severe vulnerability in Apache Struts, tracked as CVE-2023-50164, which allows remote code execution.

Exploitation has only just begun: the Shadowserver scanning platform has observed a few IP addresses attempting it.

Apache Struts, widely used in diverse sectors for its efficient Java EE web app development capabilities, patched this critical path traversal flaw in versions 6.3.0.2 and 2.5.33 on December 7. The flaw could enable attackers to upload malicious files for remote code execution, potentially leading to data theft, service disruption, or unauthorized network access.

Recently, a security researcher detailed the vulnerability's exploitation process, followed by another publication with exploit code. Cisco is assessing the impact of CVE-2023-50164 on its products that integrate Apache Struts, including various collaboration, communication, and network management solutions. Cisco's ongoing investigation and the list of potentially affected products are detailed in its security bulletin, which will be updated with new information.
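To act on the advice above to find out where Struts is deployed, the following added example (not code from this article or from the Apache Struts project) walks a directory tree, looks inside WAR/EAR/JAR archives, and flags every Struts core library older than the fixed releases 2.5.33 and 6.3.0.2. It assumes the library ships under its usual Maven artifact name `struts2-core-<version>.jar` and that anything below the 6.x branch should be compared against 2.5.33; the function names are illustrative.

```python
import io
import re
import sys
import zipfile
from pathlib import Path

# Fixed releases named in the article; the branch mapping is an assumption.
FIXED = {2: (2, 5, 33), 6: (6, 3, 0, 2)}
JAR_RE = re.compile(r"(?:^|/)struts2-core-(\d+(?:\.\d+)*)[^/]*\.jar$")
ARCHIVES = (".war", ".ear", ".jar", ".zip")

def version_of(match):
    return tuple(int(p) for p in match.group(1).split("."))

def needs_update(version):
    """True if version is older than the fixed release on its branch."""
    fixed = FIXED[6] if version[0] >= 6 else FIXED[2]
    width = max(len(version), len(fixed))
    v = version + (0,) * (width - len(version))
    return v < fixed + (0,) * (width - len(fixed))

def scan_archive(data, label, depth=0):
    """Yield (location, version) for struts2-core jars inside an archive."""
    try:
        zf = zipfile.ZipFile(io.BytesIO(data))
    except zipfile.BadZipFile:
        return  # unreadable archive: nothing to report
    with zf:
        for name in zf.namelist():
            m = JAR_RE.search(name)
            if m:
                yield f"{label}!{name}", version_of(m)
            elif depth < 2 and name.lower().endswith(ARCHIVES):
                yield from scan_archive(zf.read(name), f"{label}!{name}", depth + 1)

def scan_tree(root):
    """Walk root and report every struts2-core jar, loose or packaged."""
    for path in (p for p in Path(root).rglob("*") if p.is_file()):
        m = JAR_RE.search(path.as_posix())
        if m:
            yield str(path), version_of(m)
        elif path.suffix.lower() in ARCHIVES:
            yield from scan_archive(path.read_bytes(), str(path))

if __name__ == "__main__":
    for location, version in scan_tree(sys.argv[1] if len(sys.argv) > 1 else "."):
        status = "UPDATE" if needs_update(version) else "ok"
        print(f"{status:6} {'.'.join(map(str, version))}  {location}")
```

Run it against an application server's deployment directory or an unpacked vendor appliance image; a clean result only means no jar with that file name was found, so shaded or renamed copies still need a manual check.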
