Vulnerability: Apache – CVE-2017-5638 – Apache Struts Jakarta Parser

In March of 2017, attackers began exploiting a bug in the Apache Struts Jakarta Multipart parser. The attack resulted in attackers being able to execute arbitrary commands on HTTP servers with specially crafted HTTP requests. This vulnerability has recently gained additional buzz because there has been a recently named campaign (Zealot) that uses this vulnerability to compromise a web server and gain a foothold on the network and then use EternalBlue and EternalSynergy exploits to move laterally.

Campaign using vulnerability to gain foothold via web servers – https://f5.com/labs/articles/threat-intelligence/cyber-security/zealot-new-apache-struts-campaign-uses-eternalblue-and-eternalsynergy-to-mine-monero-on-internal-networks?sf176487178=1

NVD Reference – https://nvd.nist.gov/vuln/detail/CVE-2017-5638#vulnDescriptionTitle

Proficio Threat Intelligence Recommendations:

  • Upgrade to Struts 2.3.32 or Struts 2.5.10.1 on any Apache system within the organization

Recent Blog Posts

Stay Ahead of Evolving Threats

Sign up for our free newsletter and receive invaluable threat notifications from our Threat Intelligence team.

By submitting this form, you agree to the Proficio Website Terms of Use and the Proficio Privacy Policy.

REQUEST A DEMO

Experience Tomorrow’s
Security Today

Request a Demo and Experience Proficio's
Innovative Solutions in Action.

By submitting this form, you agree to the Proficio Website Terms of Use and the Proficio Privacy Policy.