Computer code on blue background

Vulnerability: Apache – CVE-2017-5638 – Apache Struts Jakarta Parser

In March of 2017, attackers began exploiting a bug in the Apache Struts Jakarta Multipart parser. The attack resulted in attackers being able to execute arbitrary commands on HTTP servers with specially crafted HTTP requests. This vulnerability has recently gained additional buzz because there has been a recently named campaign (Zealot) that uses this vulnerability to compromise a web server and gain a foothold on the network and then use EternalBlue and EternalSynergy exploits to move laterally.

Campaign using vulnerability to gain foothold via web servers – https://f5.com/labs/articles/threat-intelligence/cyber-security/zealot-new-apache-struts-campaign-uses-eternalblue-and-eternalsynergy-to-mine-monero-on-internal-networks?sf176487178=1

NVD Reference – https://nvd.nist.gov/vuln/detail/CVE-2017-5638#vulnDescriptionTitle

Proficio Threat Intelligence Recommendations:

  • Upgrade to Struts 2.3.32 or Struts 2.5.10.1 on any Apache system within the organization
0 replies

Leave a Reply

Want to join the discussion?
Feel free to contribute!

Leave a Reply

Your email address will not be published.