- Description
- File upload logic in Apache Struts is flawed. An attacker can manipulate file upload params to enable path traversal and under some circumstances this can lead to uploading a malicious file which can be used to perform Remote Code Execution. This issue affects Apache Struts: from 2.0.0 before 6.4.0. Users are recommended to upgrade to version 6.4.0 at least and migrate to the new file upload mechanism https://struts.apache.org/core-developers/file-upload . If you are not using the old file upload logic based on FileUploadInterceptor your application is safe. You can find more details in https://cwiki.apache.org/confluence/display/WW/S2-067
- Source
- security@apache.org
- NVD status
- Awaiting Analysis
CVSS 4.0
- Type
- Secondary
- Base score
- 9.5
- Impact score
- -
- Exploitability score
- -
- Vector string
- CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:N/AU:Y/R:A/V:C/RE:L/U:Red
- Severity
- CRITICAL
- 134c704f-9b21-4f2e-91b3-4a467353bcc0
- CWE-434
- Hype score
- Not currently trending
[MBSD Engineer Blog] We have published the #MBSD #SOC detection trend topics for January 2025. This month, we observed attacks targeting the Apache Struts 2 file upload vulnerability (CVE-2024-53677).… https://t.co/tlLa02mcWB https://t.co/LGwJRTil1f
@mbsdnews
18 Feb 2025
690 Impressions
0 Retweets
5 Likes
1 Bookmark
0 Replies
0 Quotes
🌐 EQST Insight - Research & Technique ✨ Title - Struts2 File Upload Vulnerability (CVE-2024-53677) 💡details https://t.co/H0RKjjeBSf 💡summary - On December 11, 2024, remote code execution vulnerability (CVE-2024-53677) bypassing Apache Struts2 file upload restrictions w
@EQSTLab
11 Feb 2025
87 Impressions
0 Retweets
5 Likes
0 Bookmarks
0 Replies
0 Quotes
Strutted from @hackthebox_eu showcases CVE-2024-53677, an upload vulnerability in Apache Struts that can lead to RCE. I also go way down a rabbit hole to understand why the tomcat user can't su to another user, even with the proper password. https://t.co/HQkZV5QYna
@0xdf_
28 Jan 2025
2843 Impressions
15 Retweets
84 Likes
20 Bookmarks
1 Reply
0 Quotes
Verification report on the RCE vulnerability in Apache Struts 2 (CVE-2024-53677, S2-067) | NTT DATA INTELLILINK. An overview of, and countermeasures for, a vulnerability in Apache Struts 2 that may allow arbitrary file upload and remote code execution. https://t.co/eybU03I6ZH
@intellilink_pr
21 Jan 2025
10 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Remote Code Execution - #Apache #Struts (CVE-2024-53677) vulnerability. On December 20, a public exploit for the vulnerability was released. ➡️ https://t.co/xHVADJL1SO https://t.co/U4JmvR3OAO
@leonov_av
8 Jan 2025
7 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2024-53677: File upload logic in Apache Struts is flawed. An attacker can manipulate file upload params to enable paths traversal and under some this can lead to uploading a malicious file which can be used to perform Remote Code Execution. PoC https://t.co/kXJh2P9O49 htt
@cyber_advising
8 Jan 2025
1034 Impressions
5 Retweets
20 Likes
10 Bookmarks
0 Replies
0 Quotes
#exploit 1. CVE-2024-3393: Palo Alto Networks PAN-OS Malicious DNS Packet Vulnerability (DoS) - https://t.co/EoSn0IpVU9 2. CVE-2024-12908: Delinea Protocol Handler - RCE via Update Process - https://t.co/1Vgu4OZ84E 3. CVE-2024-53677: Unrestricted Upload of File with Dangerous
@ksg93rd
6 Jan 2025
456 Impressions
1 Retweet
6 Likes
2 Bookmarks
0 Replies
0 Quotes
CVE-2024-53677 : File upload logic in Apache Struts is flawed. An attacker can manipulate file upload params to enable paths traversal and this can lead to uploading a malicious file which can be used to perform Remote Code Execution. https://t.co/kXJh2PalTH https://t.co/JUj7TEPw
@cyber_advising
3 Jan 2025
837 Impressions
0 Retweets
14 Likes
5 Bookmarks
1 Reply
0 Quotes
No, Apache Struts CVE-2024-53677 isn't being "actively exploited" to actually compromise production systems. Stop it. You know better. And if you don't, stop saying words on the internet. There are real threats to prioritize.
@catc0n
30 Dec 2024
739 Impressions
3 Retweets
15 Likes
0 Bookmarks
0 Replies
0 Quotes
The CVE-2024-53677 vulnerability is also a home-wrecking, nation-destroying kind of problem....
@mikeliu93980295
27 Dec 2024
69 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Threat Actors Actively Exploiting Apache Struts Vulnerability CVE-2024-53677 https://t.co/PqfsEpkB7p CVE-2023-50164 CVE-2024-53677
@vault33org
27 Dec 2024
47 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
#exploit 1. CVE-2024-53677: Critical Apache Struts RCE https://t.co/obcHCIK3qM 2. CVE-2024-10793: WP Activity Log plugin XSS https://t.co/nbC256xZqX 3. CVE-2024-55875: Kotlin HTTP XXE/SSRF https://t.co/BuZqsrJDDO
@VIPER92929
24 Dec 2024
0 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 CVE Alert: Critical Apache Struts Remote Code Execution Vulnerability 🚨 Vulnerability Details: CVE-2024-53677 (CVSS v3 9.5/10) Apache Struts Remote Code Execution Vulnerability Impact A successful exploit may allow an attacker to manipulate file upload parameters, enabling
@CyberxtronTech
24 Dec 2024
69 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 Critical Alert: CVE-2024-53677 🚨 A critical RCE vulnerability in Apache Struts (v2.0.0–6.3.0.2) allows attackers to bypass file checks & execute malicious code. Upgrade to v6.4.0+ ASAP! Secure your assets with HackTru-contact us today! #CyberSecurity #HackTru #CVE2024-5
@hacktru
23 Dec 2024
13 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Critical File Upload Vulnerability Discovered in #ApacheStruts2. A serious #vulnerability, identified as CVE-2024-53677, has been detected in Apache Struts2, a popular web development framework in #Java. This flaw allows... https://t.co/qqQWAvXY3c
@ojo_cibernetico
23 Dec 2024
11 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
#ITSecurity Threat actors are attempting to exploit Apache Struts vulnerability CVE-2024-53677 https://t.co/VLBQ3swHXU
@seaarepea
22 Dec 2024
37 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2024-53677: A critical file upload vulnerability in Apache Struts2 - Security Boulevard https://t.co/CjM6cfrPvD
@PVynckier
22 Dec 2024
104 Impressions
0 Retweets
2 Likes
0 Bookmarks
1 Reply
0 Quotes
The CVE-2024-53677 vulnerability in Apache Struts has been exploited https://t.co/5tCmDRgqNU
@vulnerbyte
21 Dec 2024
33 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
🚨 Emerging Threat Alert: Apache Struts CVE-2024-53677 🚨 A critical flaw in Apache Struts allows remote code execution, posing serious risks to organizations. Act now to secure your systems. Details: https://t.co/rCsZgi69XW #Cybersecurity #CyberThreat https://t.co/I9wv6RhQkO
@CyCognito
20 Dec 2024
88 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Orgs Scramble to Fix Actively Exploited Bug in Apache Struts 2. A newly discovered vulnerability, CVE-2024-53677, in the aging Apache framework is going to cause major headaches for IT teams, since patching isn't enough to fix it. https://t.co/JlVnkvWQct
@riskigy
20 Dec 2024
6 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Developers, protect your applications now! There's a critical file upload vulnerability (CVE-2024-53677) in Apache Struts2 that could allow unauthorized access and remote code execution. Ensure you're up-to-date and secure! #cybersecurity https://t.co/5cS5XkWqLH https://t.co/FFI
@sequretek_sqtk
20 Dec 2024
41 Impressions
1 Retweet
1 Like
0 Bookmarks
0 Replies
0 Quotes
📢 Attackers are attempting to exploit the vulnerability in Apache Struts numbered CVE-2024-53677 #ThaiCERT #NCSA #CybersecurityNews 📌 You can follow the news at https://t.co/HCsLrrYz4c https://t.co/rVFoL46Vkz
@ThaiCERTByNCSA
20 Dec 2024
28 Impressions
1 Retweet
0 Likes
0 Bookmarks
0 Replies
0 Quotes
A newly discovered vulnerability, CVE-2024-53677, in the aging Apache framework is going to cause major headaches for IT teams, since patching isn't enough to fix it. https://t.co/6p1CcTR5jY #Apache #cve #vulnerability #CybersecurityNews #threatresq
@ThreatResq
20 Dec 2024
67 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
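A newly discovered critical vulnerability in Apache Struts 2 (CVE-2024-53677) is causing problems worldwide. It cannot be resolved with a simple patch and requires rewriting code. There are concerns about the impact on critical infrastructure such as financial institutions and government systems. #サイバーセキュリティ #ApacheStruts2 https://t.co/im3Mjj3eVi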
@innovaTopia_JP
20 Dec 2024
37 Impressions
1 Retweet
1 Like
0 Bookmarks
0 Replies
0 Quotes
Serious vulnerability in Apache Struts (CVE-2024-53677): Risks and Security Implications https://t.co/lH5jDdwj7i #ApacheStruts #Vulnerabilità #CVE202453677 #SicurezzaInformatica #RCE #FrameworkJava #AggiornamentiDiSicurezza #Cybersecurity #Mitigazione #Patch
@technocratico72
19 Dec 2024
1 Impression
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2024-53677 – Exploitation Attempts of Critical Apache Struts RCE Vulnerability https://t.co/QrlLlNcr0g #cybersecurity #cve #rce
@ervik
19 Dec 2024
120 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Threat actors are attempting to exploit a recently disclosed security flaw impacting Apache Struts. The Critical Apache Struts issue is tracked as CVE-2024-53677 and carries a CVSS score of 9.5 out of 10.0, indicating critical severity. https://t.co/vKHMBPGPJ9 https://t.co/chivWu2qWW
@riskigy
19 Dec 2024
45 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
#Struts: A recently patched Critical Apache Struts 2 #vulnerability tracked as CVE-2024-53677 (CVSS: 9.5) is actively exploited by attackers allowing uploading malicious files like web shells: 👇 https://t.co/jK97IwzJdF
@securestep9
19 Dec 2024
59 Impressions
1 Retweet
1 Like
0 Bookmarks
0 Replies
0 Quotes
Patch Alert: A critical Apache Struts flaw has been detected, with exploitation attempts under way. CVE-2024-53677 has a CVSS score of 9.5/10. Security analysts, stay vigilant! #Cybersecurite #ZeroDay #AlerteSécurité 👉 https://t.co/xmq0Ji7Czm
@CyberAlertFr
19 Dec 2024
0 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Critical patch for Apache Struts! A security flaw (CVE-2024-53677) exposes systems to remote code attacks. Security analysts must act quickly. #Cybersecurite #ZeroDay 👉 https://t.co/xmq0Ji7Czm
@CyberAlertFr
18 Dec 2024
1 Impression
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Apache Struts Under Siege: Hackers Exploit Critical Vulnerability CVE-2024-53677 Hot Take: Well, it looks like the Apache Struts vulnerability CVE-2024-53677 is the new hot potato in town, and everyone and their cyber-criminal cousin wants a piece of it. If you're running an… h
@TheNimbleNerd
18 Dec 2024
118 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
A recently patched critical Apache Struts 2 vulnerability tracked as CVE-2024-53677 is actively exploited using public proof-of-concept exploits to find vulnerable devices. https://t.co/4pmXGJ2GuO
@blackwired32799
18 Dec 2024
7 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Rapid7 analysis of Apache #Struts2 CVE-2024-53677 below via @the_emmons. Very similar to Struts CVE-2023-50164 — payloads have to be customized to the target and unsuccessful exploit attempts are being incorrectly interpreted as exploitation in the wild. https://t.co/IQqCG6uJD2
@catc0n
18 Dec 2024
6591 Impressions
19 Retweets
42 Likes
16 Bookmarks
1 Reply
1 Quote
⚠️PSA - if you’ve recently upgraded Apache Struts 2 to resolve the new critical CVE-2024-53677 RCE vulnerability, you might still be vulnerable! This vulnerability has seen exploit attempts in the wild, only 4 days after it was published on Apache’s security advisory. The… https
@JFrogSecurity
18 Dec 2024
405 Impressions
2 Retweets
5 Likes
3 Bookmarks
1 Reply
0 Quotes
💣 Zero-Day: Apache Struts CVE-2024-53677 Under Attack! 💣 WIRE TOR - The Ethical Hacking Services A newly patched Apache Struts 2 vulnerability (CVE-2024-53677) is under active exploitation. This critical flaw is being leveraged to locate and attack vulnerable systems. #Hack ht
@WireTor
18 Dec 2024
93 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
A new vulnerability with the identifier CVE-2024-53677 has been published for the Apache Struts2 product. This vulnerability has a score of 9.5 and allows hackers to upload files and ultimately execute code remotely. https://t.co/Poz3aKYxT1 https://t.co/36wZEnUTqp
@AmirHossein_sec
18 Dec 2024
56 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🆘❗Critical vulnerability in Apache Struts threatens government agencies 🛡 The CVE-2024-53677 vulnerability in Apache Struts allows malicious files to be uploaded. The issue affects Struts versions prior to 6.4.0 and allows remote execution of… h
@stegaintell
18 Dec 2024
89 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🆘❗Critical vulnerability in Apache Struts threatens government agencies 🛡 The CVE-2024-53677 vulnerability in Apache Struts allows malicious files to be uploaded. The issue affects Struts versions prior to 6.4.0 and allows remote execution of… h
@stegaintell
18 Dec 2024
9 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
A critical Apache Struts vulnerability (CVE-2024-53677) with a 9.5/10 CVSS score is actively being exploited, putting corporate IT stacks at risk. » Hackers are uploading malicious files, enabling remote code execution. » Systems running Struts versions 2.0.0 to 6.3.0.2 are…
@Cyberwald_talks
18 Dec 2024
65 Impressions
1 Retweet
1 Like
0 Bookmarks
0 Replies
0 Quotes
Exploit Code for Apache Struts CVE-2024-53677 released #ApacheStruts #CVE-2024-53677 #ExploitCode https://t.co/kMEXpOkOtq
@pravin_karthik
18 Dec 2024
86 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🗞️ Critical Apache Struts Vulnerability Actively Exploited A new critical vulnerability in Apache Struts, CVE-2024-53677, is being used by hackers to identify vulnerable servers for exploitation. Immediate patching is crucial as proof-of-concept exploits are already in the wild
@gossy_84
18 Dec 2024
159 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
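The Apache Struts vulnerability CVE-2024-53677 (CVSS score 9.5) is being exploited, enabling attackers to achieve remote code execution via file upload. Struts 2.0.0 through 6.3.0.2 are affected, and the issue is fixed in version 6.4.0. Prompt updating is recommended. https://t.co/n9RwuTqeJY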
@01ra66it
18 Dec 2024
210 Impressions
0 Retweets
2 Likes
0 Bookmarks
0 Replies
0 Quotes
New critical Apache Struts flaw exploited to find vulnerable servers: https://t.co/n2lRxW5B45 A critical vulnerability in Apache Struts 2, tracked as CVE-2024-53677, has been actively exploited, allowing attackers to upload malicious files leading to remote code execution. The…
@securityRSS
18 Dec 2024
46 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🔥 A critical Apache Struts vulnerability (CVE-2024-53677) with a 9.5/10 CVSS score is actively being exploited, putting corporate IT stacks at risk. Upgrade to Struts 6.4.0+ and adopt the Action File Upload mechanism NOW to stay secure. Details: https://t.co/Ly0RpCCRyZ
@TheHackersNews
18 Dec 2024
43966 Impressions
44 Retweets
112 Likes
24 Bookmarks
2 Replies
1 Quote
A critical vulnerability in Apache Struts 2, identified as CVE-2024-53677, is being actively exploited in order to seek out vulnerable servers. https://t.co/DdPYnLhV4I
@VULNERAsecurity
18 Dec 2024
9 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Apache Struts Strikes Again: CVE-2024-53677 Vulnerability Sparks Exploit Frenzy! Hot Take: Just when you thought it was safe to go back in the Java waters, Apache Struts makes a splash with yet another vulnerability! This time, it’s like a sequel nobody asked for, featuring the
@TheNimbleNerd
17 Dec 2024
95 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
A newly identified critical vulnerability in Apache Struts 2, tracked as CVE-2024-53677, is being actively exploited. Public proof-of-concept exploits are being used to identify vulnerable servers. Stay informed and secure your systems. Read more at https://t.co/JGBi5Mlze4
@trubetech
17 Dec 2024
35 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Amazing blog article: Apache Struts2 Remote Code Execution Vulnerability: CVE-2024-53677! Check it live: https://t.co/hJF82GYamD
@usocca
17 Dec 2024
8 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Hackers exploit critical Apache Struts RCE flaw (CVE-2024-53677) after PoC exploit release https://t.co/QafzefZw2u
@Dinosn
17 Dec 2024
13498 Impressions
96 Retweets
270 Likes
68 Bookmarks
5 Replies
1 Quote
Hackers exploit critical Apache Struts RCE flaw (CVE-2024-53677) after PoC exploit release Hackers are actively exploiting a recently fixed flaw CVE-2024-53677 in the #Apache #Struts after a #PoC exploit was made public https://t.co/BH9FZEJKgn
@the_yellow_fall
17 Dec 2024
18 Impressions
0 Retweets
2 Likes
0 Bookmarks
0 Replies
0 Quotes