virus logo Threat Signal Report

Apache Struts2 Remote Code Execution Vulnerability

What is the Vulnerability? A remote attacker can manipulate the file upload parameters on the Apache Struts to enable path traversal and upload a malicious file. That can lead to perform remote code execution and complete control of the system. Apache Struts is an open-source and widely adopted framework for developing Java-based web applications.

What is the Vendor Solution? Users and administrators are encouraged to review the Apache Security Bulletin and upgrade to Struts 2.5.33 or Struts 6.3.0.2 or higher. https://cwiki.apache.org/confluence/display/WW/S2-066
What FortiGuard Coverage is available? FortiGuard Labs has an IPS signature "Apache.Struts.File.Upload.Remote.Code.Execution" to detect and block any attack attempts targeting the vulnerability.
FortiGuard Labs recommends organization to upgrade vulnerable versions as soon as possible, if not already done.

description-logoOutbreak Alert

FortiGuard Labs has detected on-going exploit attempts targeting a recently patched Apache Struts 2 vulnerability. Attackers can manipulate file upload parameters to enable path traversal, potentially leading to malicious file upload. This may result in Remote Code Execution, allowing attackers to run arbitrary code, steal data, or compromise entire systems.

View the full Outbreak Alert Report

Released Date Dec 19, 2023
Tags Apache Struts 2 RCE Threat Signal Vulnerability
CVE ID

Experienced a Breach? We're here to help

FortiGuard Incident Response Services
FortiGuard Incident Response Services
Outbreak Alert Outbreak Alert
About FortiGuard Threat Signal

Learn More »