Apache Struts Arbitrary File Upload Vulnerability S2-067 (CVE-2024-53677)
![](https://nsfocusglobal.com/wp-content/uploads/2019/11/Apache.jpg)
dezembro 16, 2024
Overview Recently, NSFOCUS CERT monitored that Apache released a security bulletin, fixing the Apache Struts arbitrary file upload vulnerability S2-067 (CVE-2024-53677). Due to a logical defect in the file upload function, an unauthenticated attacker can perform path traversal by controlling the file upload parameters, thereby uploading malicious files to achieve remote code execution. The CVSS […]