Struts Archives - Securezoo

Apache patches Struts 2 RCE vulnerability (CVE-2020-17530)

Security Updates & Patches, Vulnerabilities & Exploits / Frank Crast / December 9, 2020 / Apache, CVE-2020-17530, Struts

The Apache Software Foundation has patched a Struts 2 vulnerability CVE-2020-17530 that may lead to remote code execution.

Apache patches Struts 2 RCE vulnerability (CVE-2020-17530) Read More »

Apache patches two Struts 2 vulnerabilities

Security Updates & Patches, Vulnerabilities & Exploits / Frank Crast / August 14, 2020 / Apache, CVE-2019-0230, CVE-2019-0233, Struts

The Apache Software Foundation has patched two vulnerabilities in Apache Struts 2 that could result in remote code execution (RCE) or Denial of Service (DoS). An attacker could exploit one of these vulnerabilities to take control of impacted systems. According to Apache, the two vulnerabilities affect Struts versions 2.0.0 – 2.5.20 and are described in

Apache patches two Struts 2 vulnerabilities Read More »

Patch these 10 most commonly exploited vulnerabilities

Cybersecurity Articles, Cybersecurity Attacks, Security Updates & Patches, Vulnerabilities & Exploits / Frank Crast / May 20, 2020 / Apache, Citrix, CVE-2012-0158, CVE-2015-1641, CVE-2017-0143, CVE-2017-0199, CVE-2017-11882, CVE-2017-5638, CVE-2017-8759, CVE-2018-4878, CVE-2018-7600, CVE-2019-0604, CVE-2019-11510, CVE-2019-19781, Drupalgeddon2, Flash, Gafgyt, JexBoss, Kitty, LinkedIn, LokiBot, Mirai, Pulse Secure, ROKRAT, SMBGhost, Struts, Zyklon

U.S. government cybersecurity experts are providing guidance on the “top 10” most commonly exploited vulnerabilites. The alert helps highlight the importance of patching and prioritizing vulnerabilities with known exploits.

Patch these 10 most commonly exploited vulnerabilities Read More »

The top 20 vulnerabilities to patch now (that are most under attack)

Cybersecurity Articles, Cybersecurity Attacks, Vulnerabilities & Exploits, Zero-days / Frank Crast / December 26, 2019 / Apache, BlueKeep, CVE-2012-0158, CVE-2014-8361, CVE-2017-0143, CVE-2017-0199, CVE-2017-10271, CVE-2017-11882, CVE-2017-17215, CVE-2017-5638, CVE-2017-5715, CVE-2017-8570, CVE-2017-8759, CVE-2018-0802, CVE-2018-10561, CVE-2018-12130, CVE-2018-20250, CVE-2018-4878, CVE-2018-7600, CVE-2018-8174, CVE-2019-0708, CVE-2019-2725, IOT, Loki, MDS, Meltdown, Nanocore, Spectre, Struts, Verint, Vulnerabilities, WebLogic, WinRAR, Zyklon

Security firm Verint analyzed the top 20 vulnerabilities to patch now that are under active attack and exploited by cyber attack groups worldwide. The report is aimed at assisting security teams in prioritizing and enhancing their organization’s patch management efforts.

The top 20 vulnerabilities to patch now (that are most under attack) Read More »

Cisco patches critical vulnerabilities

Network Security, Security Updates & Patches, Vulnerabilities & Exploits / Frank Crast / November 8, 2018 / Apache, Cisco, CVE-2016-1000031, CVE-2018-15381, CVE-2018-15394, CVE-2018-15439, Stealthwatch, Struts

Cisco released four critical security advisories on Wednesday for multiple Cisco products.

Cisco patches critical vulnerabilities Read More »

Apache Struts security patch

Leave a Comment / Security Updates & Patches, Vulnerabilities & Exploits / Frank Crast / November 6, 2018 / Apache, RCE, Struts, Vulnerabilities

The Apache Software Foundation has released a security advisory that fixes a vulnerability in Commons FileUpload library in Apache Struts versions 2.3.36 and prior.

Apache Struts security patch Read More »

New Mirai, Gafgyt IoT botnet variants target systems with Apache Struts, SonicWall vulnerability exploits

Cybersecurity Attacks, Malware, Network Security, Vulnerabilities & Exploits / Frank Crast / September 10, 2018 / Apache, botnet, CVE-2017-5638, CVE-2018-9866, Gafgyt, IOT, Mirai, Struts

New variants of IoT botnets Mirai and Gafgyt are increasingly targeting enterprise devices with outdated versions and unpatched vulnerabilities.

New Mirai, Gafgyt IoT botnet variants target systems with Apache Struts, SonicWall vulnerability exploits Read More »

Cisco issues security updates for Umbrella and Struts vulnerability

Leave a Comment / Security Updates & Patches, Vulnerabilities & Exploits / Frank Crast / September 6, 2018 / Cisco, CVE-2018-0435, CVE-2018-11776, Struts, Umbrella

Cisco posted an updated security advisory for products impacted by Apache Struts Remote Code Execution Vulnerability (CVE-2018-11776). Cisco also released a software update that fixes a critical Cisco Umbrella API vulnerability.

Cisco issues security updates for Umbrella and Struts vulnerability Read More »

Cisco security advisory on Apache Struts vulnerability

Security Updates & Patches, Vulnerabilities & Exploits / Frank Crast / August 31, 2018 / Cisco, CVE-2018-11776, ISE, Struts

Cisco has updated the list of Cisco products under investigation, vulnerable and confirmed not vulnerable to the latest Apache Struts 2 vulnerability (CVE-2018-11776).

Cisco security advisory on Apache Struts vulnerability Read More »

Apache Struts vulnerability exploit POC published

Leave a Comment / Vulnerabilities & Exploits / Frank Crast / August 27, 2018 / Apache, CVE-2018-11776, RCE, Struts

Security researchers have discovered proof-of-concept code of an Apache Struts vulnerability exploit, to include a Python script that makes it easier to exploit.

Apache Struts vulnerability exploit POC published Read More »