2026年1月13日星期二

Apache Struts Denial of Service Vulnerability

Apache Struts Denial of Service Vulnerability

Release Date: 13 Jan 2026

RISK: Medium Risk

TYPE: Servers - Web Servers

A vulnerability was identified in Apache Struts. A remote user can exploit this vulnerability to trigger denial of service condition, sensitive information disclosure and security restriction bypass on the targeted system.

 

Impact

  • Denial of Service
  • Security Restriction Bypass
  • Information Disclosure

System / Technologies affected

  • Struts 2.0.0 through Struts 2.3.37 (EOL)
  • Struts 2.5.0 through Struts 2.5.33 (EOL)
  • Struts 6.0.0 through Struts 6.1.0

Solutions

Before installation of the software, please visit the software manufacturer web-site for more details.

  • Upgrade to Struts 6.1.1 at least

Vulnerability Identifier

Source

Related Link

沒有留言:

發佈留言

訂閱: 發佈留言 (Atom)

F5 產品多個漏洞

F5 產品多個漏洞 發佈日期: 2026年05月15日 風險: 中度風險 類型: 操作系統 - Network 於 F5 產品發現多個漏洞。遠端...