APACHE FIXED CRITICAL RCE FLAW CVE-2023-50164 at STRUTS 2

The Apache Software Foundation fixed a critical file upload vulnerability in the Struts 2 open-source framework. This flaw, tracked as CVE-2023-50164, could allow remote code execution.

An attacker can manipulate file upload parameters to upload a malicious file and execute code on the server.

• Event
• International

CYDES 2025
MCSS to implement 6 strategic goals with 7 objectives over 6 year: NACSA Chief

By F2 / Wednesday , July 2 2025

The second day of the Cyber Defence & Security Exhibition and Conference (CYDES) 2025 further cemented Malaysia’s position as a...

Read More

• International

CYDES 2025
Malaysia placed cybersecurity heart of the regional agenda: DPM Ahmad Zahid

By F2 / Tuesday , July 1 2025

Malaysia's Deputy Prime Minister Datuk Seri Dr. Ahmad Zahid Hamidi said that Malaysia has placed cybersecurity at the heart of...

Read More

• International

Amid Meta moves; OpenAI is largely shutting down next week: Wired

By F2 / Tuesday , July 1 2025

Mark Chen, the chief research officer at OpenAI, sent a forceful memo to staff on Saturday, promising to go head-to-head...

Read More

• Alert
• Hot Topic

Canada orders Hikvision to close operations over national security

By F2 / Tuesday , July 1 2025

The Canadian government ordered Hikvision to stop all operations in the country due to national security concerns. Hikvision, based in...

Read More

• International

First couple “Rosie” to conceive using AI tech “STAR” successfully

By infosecbulletin / Sunday , June 29 2025

Doctors at Columbia University Fertility Center have reported what they are calling the first pregnancy using a new AI system,...

Read More

• Alert
• Cyber Attack

Scattered Spider Actively Attacking Aviation and Transportation: FBI

By infosecbulletin / Saturday , June 28 2025

Cybersecurity experts and federal authorities are warning that the Scattered Spider hackers are now targeting aviation and transportation, indicating a...

Read More

• Alert
• Hot Topic
• International

Russia’s restrictions on Cloudflare making websites inaccessible

By F2 / Saturday , June 28 2025

Since June 9, 2025, Russian users connecting to Cloudflare services have faced throttling by ISPs. As the throttling is being...

Read More

• Cyber Attack
• Data Breach

61 million Verizon records allegedly posted online for sale

By infosecbulletin / Saturday , June 28 2025

A new report from SafetyDetectives reveals that hackers posted a massive 3.1GB dataset online, containing about 61 million records reportedly...

Read More

• Hot Topic

Cyber Expert ‘Rene Joshilda’ Arrested for Bomb Hoaxes

By infosecbulletin / Friday , June 27 2025

A 30-year-old robotics engineer from Chennai set off alarm bells in 11 states by allegedly sending hoax bomb threats. She...

Read More

• Alert
• Vulnerabilities

Critical RCE Flaws in Cisco ISE and ISE-PIC Allow to Gain Root Access

By infosecbulletin / Friday , June 27 2025

Cisco has issued updates to fix two critical security vulnerabilities in Identity Services Engine (ISE) and ISE Passive Identity Connector...

Read More

“An attacker can manipulate file upload params to enable paths traversal and under some circumstances this can lead to uploading a malicious file which can be used to perform Remote Code Execution.” reads the advisory published by Apache Software Foundation. Upgrade to Struts 2.5.33 or higher, as advised by the foundation.

Steven Seeley from Source Incite reported the vulnerability. Apache has not confirmed any active exploitation in attacks.

ALSO READ:

Mid-sized Canadian firms pay an average $1.13 million to ransomware gangs