A new Apache Struts remote code execution vulnerability dubbed CVE-2018-11776 was recently discovered by security researchers. The root cause of the flow was identified in the lack of input validation on the URL passed to the Struts framework affecting all versions of Struts 2.
The criticality of the CVE-2018-11776 resides in the depth of its operational level. As a matter of fact, it affects the Struts code running not only on a single functional area but across all libraries used by the web application framework. Following the discovery, the Apache Software Foundation released the patch and urged all users of Struts 2.3 and Struts 2.5 to upgrade to the latest versions. Shortly after the patch was released on August 22nd, a proof-of-concept was posted on Github with a Python script that eases exploitation.
Proficio Threat Intelligence Recommendations:
- Users of Apache Struts are urged to update their Struts framework to its latest version. More technical details and guidelines can be found in the advisory released by the Apache Software Foundation, available at: here.
General Information – Click Here