Cybersecurity Blog | RedLegg

Security Bulletin: Apache Struts Remote Code Execution

Written by RedLegg's Cyber Threat Intelligence Team | 12/17/24 8:21 PM

About:

RedLegg will occasionally communicate vulnerabilities released outside the usual release schedule to provide additional value to our customers. These emergency bulletins describe vulnerabilities or threats we classify as the highest severity level and warrant out-of-band emergency patching or mitigation action.

VULNERABILITIES

Apache Struts File Upload Logic Flaw Leading to Remote Code Execution

Identifier: CVE-2024-53677
Exploit or POC: Yes, active exploitation has been observed in the wild.
Update: CVE-2024-53677 – Apache Security Advisory

Description: CVE-2024-53677 is a critical vulnerability in Apache Struts versions 2.0.0 through 6.3.0.2. The flaw resides in the file upload logic, allowing attackers to manipulate file upload parameters to perform path traversal attacks. Under certain circumstances, this can lead to the uploading of malicious files, resulting in remote code execution. Applications not utilizing the FileUploadInterceptor are not affected.

Mitigation Recommendation: Patching is currently the only method of mitigation. Please update to Apache Struts version 6.4.0 or later and migrate to the new file upload mechanism, as detailed in the Apache Security Advisory. Immediate patching is recommended to prevent potential exploitation.
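To turn the bulletin's version range and interceptor condition into a quick inventory check, here is an added triage helper (example code, not RedLegg's or Apache's). The affected range 2.0.0 through 6.3.0.2, the fixed version 6.4.0 and the FileUploadInterceptor condition are taken from the bulletin; the hostnames, versions and the `uses_file_upload_interceptor` field are constructed assumptions about how an asset inventory might be recorded.

```python
"""Triage helper for CVE-2024-53677 (Apache Struts file upload flaw).
Added example, not RedLegg's or Apache's code; the affected range, fixed version
and FileUploadInterceptor condition come from the bulletin, the inventory is constructed."""
import re
from typing import Dict, List, Tuple

AFFECTED_MIN = (2, 0, 0)      # bulletin: affected from 2.0.0 ...
AFFECTED_MAX = (6, 3, 0, 2)   # ... through 6.3.0.2
FIXED = (6, 4, 0)             # bulletin: update to 6.4.0 or later

def parse_version(text: str) -> Tuple[int, ...]:
    """Extract a dotted version from '6.3.0.2' or a jar name like 'struts2-core-2.5.33.jar'."""
    match = re.search(r"(\d+(?:\.\d+)+)", text)
    if not match:
        raise ValueError(f"no version number found in {text!r}")
    return tuple(int(part) for part in match.group(1).split("."))

def is_affected(version: str) -> bool:
    """Numeric tuple comparison, so 6.10.0 sorts above 6.4.0 and 6.3.0.2 above 6.3.0."""
    return AFFECTED_MIN <= parse_version(version) <= AFFECTED_MAX

def triage(inventory: List[Dict[str, object]]) -> Dict[str, str]:
    """Map each host to an action. 'uses_file_upload_interceptor' must be
    confirmed by the app owner (struts.xml or code); nothing is parsed here."""
    actions = {}
    for entry in inventory:
        host, version = str(entry["host"]), str(entry["version"])
        if not entry["uses_file_upload_interceptor"]:
            actions[host] = "not affected: FileUploadInterceptor not in use"
        elif is_affected(version):
            actions[host] = "patch now: upgrade to 6.4.0+ and migrate to the new upload mechanism"
        elif parse_version(version) >= FIXED:
            actions[host] = "fixed version: confirm migration to the new upload mechanism"
        else:
            actions[host] = "version outside the bulletin's range: verify manually"
    return actions

# Constructed sample inventory (hostnames in the reserved .test TLD).
SAMPLE_INVENTORY = [
    {"host": "app1.example.test", "version": "struts2-core-2.5.33.jar", "uses_file_upload_interceptor": True},
    {"host": "app2.example.test", "version": "6.3.0.2", "uses_file_upload_interceptor": True},
    {"host": "app3.example.test", "version": "6.4.0", "uses_file_upload_interceptor": True},
    {"host": "app4.example.test", "version": "6.3.0.1", "uses_file_upload_interceptor": False},
]

if __name__ == "__main__":
    for host, action in triage(SAMPLE_INVENTORY).items():
        print(f"{host}: {action}")
```

The interceptor flag is deliberately an input rather than something parsed from struts.xml, because the interceptor can also arrive implicitly through an interceptor stack and a naive text search would give false negatives.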