Cisco posted an updated security advisory for products impacted by Apache Struts Remote Code Execution Vulnerability (CVE-2018-11776). Cisco also released a software update that fixes a critical Cisco Umbrella API vulnerability.
Cisco has updated the list of Cisco products under investigation, vulnerable and confirmed not vulnerable to the latest Apache Struts 2 vulnerability (CVE-2018-11776).
Security researchers have discovered proof-of-concept code of an Apache Struts vulnerability exploit, to include a Python script that makes it easier to exploit.
The Apache Software Foundation has issued a security update for a critical remote code execution (RCE) vulnerability (CVE-2018-11776) in Apache Struts 2.