RCE Vulnerability in Apache Struts Targeted by Attackers

Type

Campaign

Actors

❓Unknown

Pub. date

December 17, 2024

Initial access

1-day vulnerability

Impact

Unknown

Observed techniques

Vulnerability exploitation

Targeted technologies

Apache Struts

References

https://www.bleepingcomputer.com/news/security/new-critical-apache-struts-flaw-exploited-to-find-vulnerable-servers/

Status

Finalized

Last edited

Dec 25, 2024 11:40 AM

CVE-2024-53677 is a critical vulnerability in Apache Struts 2 with a CVSS score of 9.5. This flaw in the file upload logic allows path traversal and uploading of malicious files, enabling remote code execution (RCE). Exploitation has been observed in the wild using public proof-of-concept exploits.

CVE-2024-53677 is a critical vulnerability in Apache Struts 2, stemming from a flaw in the file upload logic that allows path traversal and the upload of malicious files, such as web shells, leading to remote code execution (RCE). Exploitation in the wild involves attackers using public proof-of-concept exploits to upload malicious files, which print identifying strings to confirm successful exploitation. These exploits allow attackers to enumerate vulnerable systems and execute further malicious actions.