Vulnerability description:
Struts 2 again exposes remote code execution vulnerability S2-037, CVE number CVE-2016-4438. Users who use the REST plugin will be affected.
Affected version:
Struts 2.3.20-2.3.28.1
Vulnerability level:
high risk
Repair suggestions:
1. Upgrade to version 2.3.29.
2. Use Baidu Cloud to accelerate WAF firewall for defense.
3. Add a website to the cloud observation, and learn about sudden/0day vulnerabilities in website components in time.