Matthew Remacle (Remy) digs into the newly disclosed Apache Struts2 CVE-2023-50164 file upload vulnerability. This weakness allows an attacker to drop a web shell that can be called remotely through a public interface over defined routes.<p>Apache Struts2 is an open-source Java web application development framework used in various enterprise-grade applications and business use cases.<p>The vulnerability occurs when a multipart form request is used, and the constraints for path normalization are bypassed.<p>The attacker can inject a web shell (e.g., shell.jsp) into the file system, which can then be remotely called.<p>The exploitation of this vulnerability depends on the specific implementation of Apache Struts2 in a vendor's product and the defined actions' path.
Previously:<p><a href="https://www.synopsys.com/blogs/software-security/equifax-apache-struts-vulnerability-cve-2017-5638.html" rel="nofollow noreferrer">https://www.synopsys.com/blogs/software-security/equifax-apa...</a><p>I wonder how long before I get more notices from Equifax.