Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

CVE-2023-50164: Apache Struts: File upload component had a directory traversal vulnerability

Related Vulnerabilities: CVE-2023-50164  
Source 
                Severity: critical

Affected versions:

- Apache Struts 2.0.0 through 2.5.32
- Apache Struts 6.0.0 through 6.3.0.1

Description:

An attacker can manipulate file upload params to enable paths traversal and under some circumstances this can lead to 
uploading a malicious file which can be used to perform Remote Code Execution.
Users are recommended to upgrade to versions Struts 2.5.33 or  Struts 6.3.0.1 or greater to fix this issue.

Credit:

Steven Seeley (reporter)

References:

https://lists.apache.org/thread/yh09b3fkf6vz5d6jdgrlvmg60lfwtqhj
https://struts.apache.org/
https://www.cve.org/CVERecord?id=CVE-2023-50164

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook

Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started