Apache Struts2 high risk vulnerabilities struck please timely attention

Zhang Xin 贵族宝贝semzhangxin.cn blog: Blog: focus on network marketing and the Shanghai dragon, network marketing, network promotion, website optimization, website planning, Shanghai Phoenix, SEM exchange of views and experience sharing.

webmaster, love Shanghai Webmaster Platform now issued a safety risk notice, check the webmaster site investigation using the Struts2 framework, such as the use of your own website timely diagnosis of the existence of the vulnerability. To this end, the security alliance partner scanv security emergency center developed an online tool, can help you quickly diagnose the existence of this vulnerability, click Details: 贵族宝贝scanv贵族宝贝/tools/.

if the existence of this vulnerability to your website, please make an emergency repair, upgrade to the latest official version Struts 2.3.15.1, download address: 贵族宝贝struts.apache.org/download.cgi#struts23151

dear webmaster friends,

well-known security vulnerabilities cloud platform website, from yesterday, received a large number of well-known domestic sites produced by using the Struts application framework of vulnerability, involving websites including Kuba, love Shanghai, Chinese Unicom station, YeePay, tudou贵族宝贝, Jingdong mall, shop No. 1, Lily network, NetEase, Sohu, Taobao etc.. Love Shanghai Webmaster Platform also issued a safety risk notice:

Hello, yesterday the Internet suffered a storm vulnerability Apache high-risk vulnerabilities Struts2, affects all versions of 2.3.15 Struts 2.0.0 -Struts. Effect of a large number of websites including many well-known sites, affected by this vulnerability in different degrees. The attacker can execute malicious code using the Java vulnerability, which eventually led to the website data theft, web tampering and other serious consequences, the security websites and Internet users a great threat.

In order to avoid the loss of This paper from the Zhang Xin

Leave a Reply