An exploit that was recently patched is being heavily attacked. A security vulnerability is being exploited by hackers in Apache Struts 2. Bans, government agencies, and large Internet corporations are at risk.
This vulnerability can allow a remote user to capture almost full control of a web server. This open source software was patched two days ago. However, since this patch was released, hackers are able to easily compromise systems that have not yet been patched.
This is a code executing bug. Also, there are two variations of this bug available. Jakarta file upload multipart parser is where this bug resides. Hackers are primarily submitting probing commands and releasing malware.
Apache Struts version 2.3.5 to 2.3.31 include this vulnerability. Apache Struts 2.5 through 2.5.10 also include this vulnerability. Web servers running Apache Struts 2.3.32 or 220.127.116.11 should upgrade as soon as possible. This security vulnerability requires no authentication, highly reliable, and are pretty easy to implement.
Peter Bright a technology editor claims that perhaps one reason why this exploit is being compromised so much is that this exploit requires code to become recompiled. Applications using Apache Struts 2 must become recompiled with this patch. Quite often patches are just installed and services for software are restarted or a server is rebooted instead.