all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Understanding the Impact of the new Apache Struts File Upload Vulnerability

Add to bookmarks
Dec. 12, 2023, 9:08 p.m. | Nathan Sportsman

Security Boulevard securityboulevard.com

Introduction Recently researcher Steven Seeley discovered a way to abuse the popular Apache Struts frameworks’ file upload functionality to achieve remote code execution. This bug, known as CVE-2023-50164, has been assigned a 9.8 CVSS score. No doubt this is causing some security practitioners to have flashbacks of the “good times” that a serious Struts bug […]


The post Understanding the Impact of the new Apache Struts File Upload Vulnerability appeared first on Praetorian.


The post Understanding the Impact of …

abuse apache apache struts bug code code execution cve cve-2023-50164 cvss cvss score file file upload frameworks good impact introduction popular remote code remote code execution researcher score security security practitioners struts understanding upload vulnerabilities vulnerability vulnerability research

Visit resource

More from securityboulevard.com / Security Boulevard

USENIX Security ’23 – Beyond Typosquatting: An In-depth Look at Package Confusion 5 hours ago | securityboulevard.com
access authors beyond conference +19
Breaking Down Cybersecurity: The Real Meaning Behind the Jargon 10 hours ago | securityboulevard.com
authenticity availability breaking cia +19
What is General Data Protection Regulation Act (GDPR)? 12 hours ago | securityboulevard.com
act adoption center challenges +32
Cloud Monitor Automation Improves K-12 Cybersecurity Training & Awareness 22 hours ago | securityboulevard.com
automation awareness chief cloud +28
USENIX Security ’23 – UVSCAN: Detecting Third-Party Component Usage Violations in IoT Firmware 1 day, 1 hour ago | securityboulevard.com
access authors conference events +15
Local Privilege Escalation Vulnerability in Ant Media Server (CVE-2024-32656) 1 day, 2 hours ago | securityboulevard.com
ant application customers cve +21
Understanding Cybersecurity Vulnerabilities 1 day, 3 hours ago | securityboulevard.com
advice attacks can cybersecurity +12
Bridging the Gap: Uniting Development and AppSec 1 day, 4 hours ago | securityboulevard.com
application security appsec aspm bridging the gap +20
Open-Source Software Security 1 day, 5 hours ago | securityboulevard.com
blog blog post cloud cloud-native +14

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Senior Security Researcher, SIEM

@ Huntress | Remote Canada
View on infosec-jobs.com

Senior Application Security Engineer

@ Revinate | San Francisco Bay Area
View on infosec-jobs.com

Cyber Security Manager

@ American Express Global Business Travel | United States - New York - Virtual Location
View on infosec-jobs.com

Incident Responder Intern

@ Bentley Systems | Remote, PA, US
View on infosec-jobs.com

SC2024-003533 Senior Online Vulnerability Assessment Analyst (CTS) - THU 9 May

@ EMW, Inc. | Mons, Wallonia, Belgium
View on infosec-jobs.com
View more jobs