REDLEGG BLOG

Emergency Security Bulletin: Apache Struts Remote Code Execution

12/17/24 2:21 PM  |  by RedLegg's Cyber Threat Intelligence Team

About:

RedLegg will occasionally communicate vulnerabilities released outside the usual release schedule to provide additional value to our customers. These emergency bulletins describe vulnerabilities or threats we classify as the highest severity level and warrant out-of-band emergency patching or mitigation action.


VULNERABILITIES

Apache Struts File Upload Logic Flaw Leading to Remote Code Execution

Identifier: CVE-2024-53677
Exploit or POC: Yes, active exploitation has been observed in the wild.
Update: CVE-2024-53677 – Apache Security Advisory

Description: CVE-2024-53677 is a critical vulnerability in Apache Struts versions 2.0.0 through 6.3.0.2. The flaw resides in the file upload logic: an attacker who controls the file upload parameters can perform path traversal and, under certain circumstances, place a malicious file on the server, resulting in remote code execution. Applications that do not use the FileUploadInterceptor are not affected.

Mitigation Recommendation: Patching is currently the only available mitigation. Update to Apache Struts version 6.4.0 or later and migrate to the new file upload mechanism, as detailed in the Apache Security Advisory. Immediate patching is recommended to prevent potential exploitation.
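The flaw described above belongs to a general class: a client-controlled upload name is allowed to influence the server-side destination path. The following Python example is added here and is not code from the bulletin, from Apache or from Struts; it assumes a constructed upload root and shows which upload names a validator should reject, returning a reason that can be logged or alerted on. It goes a little beyond the bulletin by also covering percent-encoded and Windows-style separators.

```python
import os
import re
import urllib.parse

# Constructed upload root for this example; a deployment would use its own.
UPLOAD_ROOT = "/srv/app/uploads"
SAFE_NAME = re.compile(r"[A-Za-z0-9][A-Za-z0-9._-]{0,127}")


def check_upload_name(client_name: str, upload_root: str = UPLOAD_ROOT):
    """Validate a client-supplied upload name and return (accepted, detail).

    On acceptance `detail` is the absolute destination path; on rejection it
    is a short reason suitable for a log line or SIEM alert. The name is
    treated as untrusted input: it must be a bare file name, never a path.
    """
    if not client_name:
        return False, "empty name"
    # Decode percent-encoding once so %2e%2e%2f is seen as ../ ; a second
    # layer of encoding leaves a '%' that fails the character check below.
    decoded = urllib.parse.unquote(client_name)
    if "\x00" in decoded:
        return False, "embedded NUL"
    # Treat both separator styles as path separators.
    normalized = decoded.replace("\\", "/")
    if normalized.startswith("/") or re.match(r"[A-Za-z]:", normalized):
        return False, "absolute path"
    if "/" in normalized:
        return False, "path separator in name"
    if normalized in (".", "..") or not SAFE_NAME.fullmatch(normalized):
        return False, "disallowed characters"
    # Belt-and-braces containment check: the resolved destination must stay
    # inside the upload root even if the checks above are later relaxed.
    root = os.path.realpath(upload_root)
    target = os.path.realpath(os.path.join(root, normalized))
    if os.path.commonpath([root, target]) != root:
        return False, "escapes upload root"
    return True, target


if __name__ == "__main__":
    # Constructed sample names, as they might arrive in an upload request.
    for name in ("report.pdf", "../../outside.txt", "..%2F..%2Foutside.txt",
                 "..\\..\\outside.txt", "/tmp/outside.txt", "report.txt%00.jsp"):
        print(repr(name), "->", check_upload_name(name))
```

Rejected names are worth logging with their reason: a burst of "path separator in name" or "embedded NUL" rejections on an upload endpoint is a useful detection signal.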
