virus logo Threat Signal Report

Apache Struts2 Remote Code Execution Vulnerability (CVE-2023-50164)

Description

What is the Vulnerability? A remote attacker can manipulate the file upload parameters on the Apache Struts to enable path traversal and upload a malicious file. That can lead to perform remote code execution and complete control of the system. Apache Struts is an open-source and widely adopted framework for developing Java-based web applications.
What is the Vendor Solution? Users and administrators are encouraged to review the Apache Security Bulletin and upgrade to Struts 2.5.33 or Struts 6.3.0.2 or higher. https://cwiki.apache.org/confluence/display/WW/S2-066
What FortiGuard Coverage is available? FortiGuard Labs has an IPS signature "Apache.Struts.File.Upload.Remote.Code.Execution" to detect and block any attack attempts targeting the vulnerability.
FortiGuard Labs recommends organization to upgrade vulnerable versions as soon as possible, if not already done.

Telemetry

Date Dec 19, 2023
CVE ID CVE-2023-50164
Threat/
Vulnerability		 Vulnerability
Experienced a Breach? We're here to help FortiGuard Incident Response Services
FortiGuard Incident Response Services