New Apache Struts 2 Vulnerability Exploited in the Wild

Patches were released last week to address a critical vulnerability, CVE-2018-11776, in the Apache Struts 2 framework. The flaw impacts Apache Struts 2.3 to 2.3.34 and 2.5 to 2.5.16 and can be exploited to allow a remote threat actor to execute code on vulnerable systems. Since the vulnerability was disclosed, proof-of-concept (PoC) code to exploit the flaw has been posted online; one of these scripts was embedded into a Struts exploitation toolkit. The first attempts to exploit the vulnerability began on August 27, with attackers attempting to use vulnerable systems to mine cryptocurrency. The NJCCIC recommends administrators of systems running Apache Struts 2 review the security bulletin and update their systems as soon as possible.

AlertNJCCICApache, Apache Struts