Trend Micro Inc.

12/15/2023 | News release | Distributed by Public on 12/14/2023 23:56

Decoding CVE-2023-50164: Unveiling the Apache Struts File Upload Exploit

Apache has recently released an advisory for CVE-2023-50164, a critical vulnerability with a severity rating of 9.8 that affects Apache Struts 2. Exposure to CVE-2023-50164 is closely tied to an organization's Apache Struts architecture and the way its application uses the framework's file upload feature: the flaw enables unauthorized path traversal, which could be abused to upload a malicious file and perform remote code execution (RCE). Note that exploiting this vulnerability at scale is significantly harder for attackers, because it lacks the straightforward scanning and exploitation characteristics seen with CVE-2017-5638. Apache advises users to upgrade to Struts 2.5.33, 6.3.0.2, or higher.

Apache Struts is extensively integrated into various systems and has gained widespread attention via the infamous Equifax breach in 2017. The Equifax breach affected over 145 million people and led to the consumer credit reporting agency paying a US$700 million settlement. One significant aspect of the incident involved Equifax hackers stealing 200,000 credit card accounts in a single, sweeping attack.

What versions are affected?

This vulnerability impacts Struts versions ranging from 2.5.0 to 2.5.32 and 6.0.0 to 6.3.0:

  • Struts 2.0.0 - Struts 2.3.37 (EOL)
  • Struts 2.5.0 - Struts 2.5.32
  • Struts 6.0.0 - Struts 6.3.0

Dissecting the vulnerability

The flaw lets an attacker manipulate file upload parameters, opening the door to path traversal. This could result in a malicious file being uploaded and, in turn, remote code execution. In the scenario analyzed here, the vulnerable endpoint is /upload.action.

The root cause is that parameters are treated differently depending on their case: because HTTP parameter names are case-sensitive, the vulnerable code treats param1="value1" and Param1="Value1" as two different parameters. Upon examining the recent commits from the Apache team, we found that they have changed the HTTP parameters to be case-insensitive (Figure 1).
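As an added illustration (not Struts source code), the following Java snippet contrasts a case-sensitive parameter map, in which param1 and Param1 remain separate entries, with a case-insensitive map of the kind the fix introduces, where the second spelling simply overwrites the first; it also shows the containment check an upload handler should apply to the submitted file name so that the resolved target cannot leave the upload directory. The upload directory path and parameter values are made up for the example.

```java
import java.nio.file.Path;
import java.nio.file.Paths;
import java.util.HashMap;
import java.util.Map;
import java.util.TreeMap;

// Illustration only; this is not the Struts HttpParameters implementation.
public class ParamCaseDemo {

    // Case-sensitive handling: "param1" and "Param1" become two distinct entries,
    // so a component that reads one spelling can miss a value set under the other.
    static Map<String, String> caseSensitive(String[][] pairs) {
        Map<String, String> m = new HashMap<>();
        for (String[] p : pairs) m.put(p[0], p[1]);
        return m;
    }

    // Case-insensitive handling: a later write with different casing replaces the
    // earlier entry, so only one value exists for the parameter name.
    static Map<String, String> caseInsensitive(String[][] pairs) {
        Map<String, String> m = new TreeMap<>(String.CASE_INSENSITIVE_ORDER);
        for (String[] p : pairs) m.put(p[0], p[1]);
        return m;
    }

    // Defense-in-depth check for an upload handler: normalize the resolved target
    // and require it to stay strictly inside the configured upload directory.
    // Path.startsWith compares whole path elements, so "/uploads2" does not match "/uploads".
    static boolean staysInside(Path uploadDir, String submittedName) {
        Path base = uploadDir.toAbsolutePath().normalize();
        Path target = base.resolve(submittedName).normalize();
        return target.startsWith(base) && !target.equals(base);
    }

    public static void main(String[] args) {
        String[][] pairs = { {"param1", "value1"}, {"Param1", "Value1"} };
        System.out.println(caseSensitive(pairs).size());   // 2: both spellings kept
        System.out.println(caseInsensitive(pairs).size()); // 1: collapsed to one entry

        Path dir = Paths.get("/srv/app/uploads");            // constructed example path
        System.out.println(staysInside(dir, "report.pdf"));    // true
        System.out.println(staysInside(dir, "../outside.txt")); // false: escapes the directory
    }
}
```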