Apache Struts RCE

Prathap

Published on

01 Oct 2021

Vulnerability

When evaluated on raw user input in tag attributes, Apache Struts 2.0.0 to 2.5.20 forced double OGNL evaluation may lead to remote code execution.

Mitigation / Precaution

Upgrade to the latest version as soon as possible

Written by

Prathap

Co-founder, Director

Summarize:

ChatGPT Perplexity AI

Experience the Beagle Security platform

Unlock one full penetration test and all Advanced plan features free for 14 days

Start free trial

Vulnerability

06 Dec 2025

Critical next.js remote code execution vulnerability (CVE-2025-55182)

Manindar Mohan

Cyber Security Lead Engineer

Vulnerability

04 Jun 2025

Rails debug mode enabled

Sooraj V Nair

Cyber Security Engineer

Heartbleed vulnerability

Nash N Sulthan

Cyber Security Lead Engineer

Vulnerability

27 May 2025

Broken object level authorization

Febna V M

Cyber Security Engineer

Vulnerability

27 May 2025

Cross-Site Scripting (XSS)

Blind OS command injection using timing attack

Jijith Rajan

Cyber Security Engineer

Authentication bypass and stored cross site scripting

Vulnerability

06 May 2025

Authentication bypass and stored cross site scripting

Cyber Security Lead Engineer

Vulnerability

10 Apr 2025

TLS Firefox compatibility

WordPress key weak hashing

Sooraj V Nair

Cyber Security Engineer

Information sent using unencrypted channels

Vulnerability

22 Feb 2025

Information sent using unencrypted channels

Manindar Mohan

Cyber Security Lead Engineer

Information leakage of the web application's directory or folder path

Vulnerability

28 Jan 2025

Information leakage of the web application's directory or folder path

Nash N Sulthan

Cyber Security Lead Engineer

Vulnerability

27 Jan 2025

Information leakage using meta tag

Jijith Rajan

Cyber Security Engineer

Apache Struts RCE

Mitigation / Precaution

Related Articles