all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

New RCE vulnerability in Apache Struts 2 fixed, upgrade ASAP (CVE-2023-50164)

Add to bookmarks
Dec. 8, 2023, 11:48 a.m. | Zeljka Zorz

Help Net Security www.helpnetsecurity.com

The Apache Struts project has released updates for the popular open-source web application framework, with fixes for a critical vulnerability that could lead to remote code execution (CVE-2023-50164). About CVE-2023-50164 CVE-2023-50164 may allow an attacker to manipulate file upload parameters to enable path traversal. Under some circumstances this may allow the attacker to upload a malicious file that can be used to perform remote code execution. No additional details are available at this time. The … More


The post …

apache apache struts application attacker code code execution critical critical vulnerability cve don't miss enable file file upload fixes framework hot stuff may path path traversal popular project rce remote code remote code execution security update struts struts 2 under updates upgrade upload vulnerability web web application web application security

Visit resource

More from www.helpnetsecurity.com / Help Net Security

Most people still rely on memory or pen and paper for password management 1 day, 17 hours ago | www.helpnetsecurity.com
accounts australia authentication bitwarden +24
LSA Whisperer: Open-source tools for interacting with authentication packages 1 day, 18 hours ago | www.helpnetsecurity.com
authentication azuread cybersecurity github +16
What AI can tell organizations about their M&A risk 1 day, 18 hours ago | www.helpnetsecurity.com
acquisition adoption ai adoption amp +19
Breaking down the numbers: Cybersecurity funding activity recap 1 day, 19 hours ago | www.helpnetsecurity.com
10 million aim aim security alethea +55
New infosec products of the week: April 26, 2024 1 day, 19 hours ago | www.helpnetsecurity.com
april capabilities cyber cyberint +21
Net neutrality has been restored 2 days, 4 hours ago | www.helpnetsecurity.com
actions broadband communications consumers +24
Stellar Cyber and Acronis team up to provide optimized threat detection solutions for MSPs 2 days, 9 hours ago | www.helpnetsecurity.com
acronis aim and response cloud +22
Edgio Client-Side Protection enables organizations to secure critical customer data 2 days, 9 hours ago | www.helpnetsecurity.com
apis browser client client-side +26
IBM to buy HashiCorp in $6.4 billion cash deal, expanding cloud portfolio 2 days, 10 hours ago | www.helpnetsecurity.com
agreement capabilities cash cloud +18

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Senior Security Researcher, SIEM

@ Huntress | Remote Canada
View on infosec-jobs.com

Senior Application Security Engineer

@ Revinate | San Francisco Bay Area
View on infosec-jobs.com

Cyber Security Manager

@ American Express Global Business Travel | United States - New York - Virtual Location
View on infosec-jobs.com

Incident Responder Intern

@ Bentley Systems | Remote, PA, US
View on infosec-jobs.com

SC2024-003533 Senior Online Vulnerability Assessment Analyst (CTS) - THU 9 May

@ EMW, Inc. | Mons, Wallonia, Belgium
View on infosec-jobs.com
View more jobs