Hackers Exploit Apache Struts Vulnerability CVE-2024-53677
/ 1 min read
🛠️ Critical Apache Struts vulnerability CVE-2024-53677 exploited by attackers. A severe vulnerability in the Apache Struts framework, rated 9.5 on the CVSSv4 scale, is being actively exploited by threat actors just days after a proof-of-concept exploit was released. This flaw, affecting versions 2.0.0 to 6.3.0, allows remote code execution through improper file upload handling, enabling attackers to upload malicious files and gain control over servers. The Apache Software Foundation has released version 6.4.0 to address this issue, urging organizations to update their systems. Active exploitation attempts have been detected, with attackers scanning for vulnerable endpoints, highlighting the urgent need for security measures. This vulnerability is linked to a previous flaw, CVE-2023-50164, suggesting a pattern in exploit development.
