Recent Apache Struts 2 Vulnerability in Attacker Crosshairs

December 15, 2023 at 06:42AM Threat actors are exploiting a critical remote code execution flaw in internet-accessible Apache Struts 2 instances. Tracked as CVE-2023-50164, the bug allows attackers to manipulate file upload parameters and upload malicious files, resulting in RCE. Despite widespread exploitation attempts, scaling the attack is challenging. Users of affected Struts versions are … Read more