Struts2 high-risk remote code execution (S2-037) vulnerability and its repair - Code World

Struts2 high-risk remote code execution (S2-037) vulnerability and its repair

Others 2020-10-30 11:56:18 views: null

Vulnerability description:
Struts 2 again exposes remote code execution vulnerability S2-037, CVE number CVE-2016-4438. Users who use the REST plugin will be affected.
Insert picture description here

Affected version:
Struts 2.3.20-2.3.28.1

Vulnerability level:
high risk

Repair suggestions:
1. Upgrade to version 2.3.29.
2. Use Baidu Cloud to accelerate WAF firewall for defense.
3. Add a website to the cloud observation, and learn about sudden/0day vulnerabilities in website components in time.

Guess you like

Origin blog.csdn.net/weixin_45715145/article/details/102454743

Struts2 high-risk remote code execution (S2-037) vulnerability and its repair

MySQL high-risk code execution 0Day vulnerability and its repair

Ink Academy 13 Apache Struts2 Remote Code Execution Vulnerability (S2-016) Reappears

Apache Struts2 remote code execution vulnerability (S2-001) reappears

ThinkPHP5 remote code execution vulnerability in high-risk (attached: upgrade remediation solution)

CVE-2021-31805|Apache Struts2 remote code execution vulnerability warning

WordPress plugin Mailpress high-risk remote command execution vulnerability

[Laboratory] know Chong Yu Zhiyuan 404 OA System Remote arbitrary code execution vulnerability in high-risk security warning

Execution Vulnerabilities in Struts2 Application of REST Plug-in and Its Repair

[High Risk] Atlassian Confluence Remote Code Execution Vulnerability

[High Risk] Office and Windows HTML Remote Code Execution Vulnerability

【High Risk】Microsoft Exchange Server Remote Code Execution Vulnerability

[High Risk] Microsoft Teams Remote Code Execution Vulnerability

[High Risk] Microsoft Office Visio Remote Code Execution Vulnerability

Detailed explanation of the latest high-risk vulnerabilities in Struts2

Apache struts2 Freemarker label remote command execution _CVE-2017-12611 (S2-053) vulnerability reproducibility

Apache struts2 namespace remote command execution _CVE-2018-11776 (S2-057) vulnerability reproducibility

struts2-045 Remote Code Execution Vulnerability (CVE-2017-5638)

[Microsoft Message Queuing Remote Code Execution Vulnerability (CVE-2023-21554) Vulnerability Repair]

Zabbix high-risk SQL injection vulnerability and repair plan

[High Risk] Nuxt.js <3.4.3 Remote Code Execution Vulnerability (POC Public)

struts2 vulnerability

[Medium Risk] Apache Airflow ODBC Provider Remote Code Execution Vulnerability

[High Risk] Code Execution Vulnerability in WPS Office

Typora remote code execution vulnerability

[Vulnerability notice] Fastjson remote code execution vulnerability

Drupal warns of new high-severity remote code execution vulnerability

Drupal warns of new high-severity remote code execution vulnerability

[High risk] jeecg-boot/building block report based on the arbitrary code execution vulnerability of the H2 driver

CVE-2019-9535: iTerm2 remote code execution vulnerability alert

Recommended

Ranking

#2019110700005

What materials and procedures are required for patent transfer

What is the blockchain Ethereum triplet state root transaction root receipt root

Front-end study notes 04 --- About the insertion of html pictures and videos

Documents required for the filing of WeChat Mini Programs in special industries, the filing process of WeChat Mini Programs in special industries, how to file WeChat Mini Programs in special industries

2017 Qingdao-site tournament I The Squared Mosquito Coil

[BZOJ3165][HEOI2013]Segment (line segment tree without marking)

Kettle series: KettleEasyExpand, an open source Kettle universal plugin by Ma Jinju

The latest tutorial on making framework for iOS

DAX Section 6: Statistical Functions

Daily

More

2024-05-14(9)

2024-05-13(8)

2024-05-12(28)

2024-05-11(32)

2024-05-10(34)

2024-05-09(32)

2024-05-08(18)

2024-05-07(34)

2024-05-06(6)

2024-05-05(0)