Sonatype describes a newly discovered remote code execution vulnerability in Apache’s Struts2 Framework (CVE-2023-50164). Sonatype explains, “At its core, this vulnerability allows attackers to exploit a flaw in Apache Struts’s file upload system. It lets them manipulate the file upload parameters and perform path traversal. This exploitation can result in arbitrary code execution on the server, leading to various outcomes like unauthorized data access, system compromise, or even complete control over the affected systems, including placing malicious files within systems.”
Erhalten Sie neue, wertvolle Security-Einblicke direkt in Ihren Posteingang:
Menü
