Critical Apache Struts2 Vulnerability ( CVE-2017-5638 )

This vulnerability is a serious remote exploit that provides code execution from unauthenticated attackers. The exploit allows attackers to inject commands in the Content-Type: field of the HTTP header.

RedShield already blocks attacks attempting to use this exploit as they are recognised as code injection and malformed HTTP requests. All customers in BLOCKING mode are already protected.

Security advisory from Apache:

RedShield has seen attempts of attacks which would download executables and try to turn off local host based firewalls (iptables).




Was this article helpful?
0 out of 0 found this helpful
Have more questions? Submit a request