all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Attackers are trying to exploit Apache Struts vulnerability (CVE-2023-50164)

Add to bookmarks
Dec. 14, 2023, 10:21 a.m. | Zeljka Zorz

Help Net Security www.helpnetsecurity.com

Attackers are trying to leverage public proof-of-exploit (PoC) exploit code for CVE-2023-50164, the recently patched path traversal vulnerability in Apache Struts 2. “Attackers aim to deploy webshells, with some cases targeting the parameter ‘fileFileName’ – a deviation from the original exploit PoC,” Akamai’s Security Intelligence Group flagged on Wednesday. The Shadowserver Foundation has also started noticing exploitation attempts in their sensors, though they don’t see them succeeding. About the vulnerability CVE-2023-50164, reported by Steven Seeley … More


The post …

aim akamai apache apache struts attackers cases code cve cve-2023-50164 deploy don't miss exploit exploit code flagged hot stuff intelligence parameter path path traversal path traversal vulnerability poc proof public security security intelligence shadowserver struts struts 2 targeting vulnerability webshells

Visit resource

More from www.helpnetsecurity.com / Help Net Security

Bug hunters can get up to $450,000 for an RCE in Google’s Android apps 3 hours ago | www.helpnetsecurity.com
android android apps app apps +17
Trellix Wise automates security workflows with AI, streamlining threat detection and remediation 5 hours ago | www.helpnetsecurity.com
artificial artificial intelligence cyber cyber risk +21
Microsoft, Google widen passkey support for its users 5 hours ago | www.helpnetsecurity.com
account protection authentication awareness bitwarden +18
Cyble Vision X covers the entire breach lifecycle 5 hours ago | www.helpnetsecurity.com
access artificial artificial intelligence aspect +23
BlackBerry CylanceMDR improves cybersecurity defensive strategy 6 hours ago | www.helpnetsecurity.com
address advanced ai platform amp +28
FortiGate 200G series boosts campus connectivity for Wi-Fi 7 6 hours ago | www.helpnetsecurity.com
ai-powered campus connectivity firewall +15
Nokod Security Platform secures low-code/no-code development environments and apps 7 hours ago | www.helpnetsecurity.com
applications apps automations code +23
Lenovo launches AI-based Cyber Resiliency as a Service 7 hours ago | www.helpnetsecurity.com
copilot copilot for security cyber cyber protection +24
Edgio ASM reduces risk from web application vulnerabilities 8 hours ago | www.helpnetsecurity.com
application application vulnerabilities asm assets +33

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Intern, Cyber Security Vulnerability Management

@ Grab | Petaling Jaya, Malaysia
View on infosec-jobs.com

Compliance - Global Privacy Office - Associate - Bengaluru

@ Goldman Sachs | Bengaluru, Karnataka, India
View on infosec-jobs.com

Cyber Security Engineer (m/w/d) Operational Technology

@ MAN Energy Solutions | Oberhausen, DE, 46145
View on infosec-jobs.com

Armed Security Officer - Hospital

@ Allied Universal | Sun Valley, CA, United States
View on infosec-jobs.com

Governance, Risk and Compliance Officer (Africa)

@ dLocal | Lagos (Remote)
View on infosec-jobs.com

Junior Cloud DevSecOps Network Engineer

@ Accenture Federal Services | Arlington, VA
View on infosec-jobs.com
View more jobs