Free for PREMIUM members
Go Premium for a chance to win a PS4. Enter to Win
We notified Struts2 team of the zero day being publicly disclosed and showed them the mitigation we were proposing before writing this blog post. Until the Struts2 team releases the fix, please update your excludeParams regular expression to include the following regex for the opening square bracket and capital 'C' cases
We provide a variety of solutions against these threats. Users of Deep Security have various rules which help block Struts exploits and drop the related malicious packets. In addition, we detect the backdoors planted on affected sites as HKTL_ACTREDIR and JS_SPRAT.SM.
The hash values of the hacking tool sample are as follows:
We value your feedback.
Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!