Attackers are trying to exploit Apache Struts vulnerability (CVE-2023-50164)

Attackers are trying to leverage public proof-of-exploit (PoC) exploit code for CVE-2023-50164, the recently patched path traversal vulnerability in Apache Struts 2. “Attackers aim to deploy webshells, with some cases targeting the parameter ‘fileFileName’ – a deviation from the original exploit PoC,” Akamai’s Security Intelligence Group flagged on Wednesday. The Shadowserver Foundation has also started noticing exploitation attempts in their sensors, though they don’t see them succeeding. About the vulnerability CVE-2023-50164, reported by Steven Seeley … More →

The post …

aim akamai apache apache struts attackers cases code cve cve-2023-50164 deploy don't miss exploit exploit code flagged hot stuff intelligence parameter path path traversal path traversal vulnerability poc proof public security security intelligence shadowserver struts struts 2 targeting vulnerability webshells