Ancestors

Written by Kevin Beaumont on 2024-12-17 at 23:54

As a vulnerability hype train sense check:

There's a new Apache Struts vuln doing the rounds which is very very similar to one in this thread.

People lost their minds about it at the time.

They might want to read the thread.

=> More informations about this toot | More toots from GossiTheDog@cyberplace.social

Toot

Written by Kevin Beaumont on 2024-12-18 at 17:25

On CVE-2024-53677 (Struts vuln), it's following a very similar path to the Struts 2 vuln this time last year:

• Media are reporting it is being exploited in the wild. It isn't. People are spraying and praying - the exploit payloads don't work.

• People are posting a PoC for it. The PoC doesn't work. You'd have to make a vulnerable webapp, and then tailor the PoC to it.

Not to downplay it, just keep calm and patch. You may have noticed the internet didn't melt last time.

=> View attached media

=> More informations about this toot | More toots from GossiTheDog@cyberplace.social

Descendants

Written by Kevin Beaumont on 2024-12-18 at 21:32

Greynoise on Struts vuln https://infosec.exchange/@ntkramer/113675937782214019

=> More informations about this toot | More toots from GossiTheDog@cyberplace.social

Written by Kevin Beaumont on 2024-12-18 at 21:33

Rapid7 on Struts vuln: https://infosec.exchange/@catc0n/113675772827431567

=> More informations about this toot | More toots from GossiTheDog@cyberplace.social

Written by Kevin Beaumont on 2024-12-23 at 14:35

yip. similar to the CVE this time last year, I've not seen or heard of an actual incident resulting from the vuln.

https://infosec.exchange/@todb/113702464854067173

=> More informations about this toot | More toots from GossiTheDog@cyberplace.social

Written by nobletrout on 2024-12-24 at 03:33

@GossiTheDog ahhhh not struts again. I’m still reeling from CVE-2017-5638

=> More informations about this toot | More toots from nobletrout@infosec.exchange