A critical remote code execution vulnerability affecting popular web application framework Apache Struts has been discovered. The vulnerability is in the core of the application and exists due to insufficient validation of user-provided untrusted inputs under certain configurations. This vulnerability is identified by CVE-2018-11776. This Remote Code Execution vulnerability poses a huge risk as the […]

Read More →

  Image Credit: Threatpost A critical remote code execution vulnerability has been recently discovered in the popular Apache Struts web application framework¬†allowing a remote attacker to execute arbitrary code on any server running an application built using the affected Struts¬†framework and the popular REST communication plugin. This flaw is due to an unsafe deserialization (Deserialization¬†is […]

Read More →

The Model-View-Framework Apache Struts2, an open source and free framework for simplifying the creation of web applications in Java has been recently patched to mitigate a zero day vulnerability. Apache Struts2 is been affected with a new vulnerability which is being actively exploited in the wild. The vulnerability is a possible Remote Code Execution which […]

Read More →