Welcome to WebmasterWorld Guest from 54.158.86.243

Forum Moderators: Ocean10000 & incrediBILL & phranque

Apache Struts: Possible Remote Code Execution

     
6:00 pm on Mar 20, 2017 (gmt 0)

Administrator from GB 

WebmasterWorld Administrator engine is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:May 9, 2000
posts:23946
votes: 477


Time to update to Apache Struts V 2.3.32 or 2.5.10.1 to avoid a remote code execution attack.

Solution

If you are using Jakarta based file upload Multipart parser, upgrade to Apache Struts version 2.3.32 or 2.5.10.1. You can also switch to a different implementation of the Multipart parser. Apache Struts: Possible Remote Code Execution [cwiki.apache.org]