Embed Notice

HTML Code

<blockquote style="position: relative; padding-left: 55px;"><section><a href="https://cyberplace.social/users/GossiTheDog/statuses/113702636243093457">Kevin Beaumont (gossithedog@cyberplace.social)'s status on Monday, 23-Dec-2024 23:35:58 JST</a><a href="https://cyberplace.social/@GossiTheDog" title="gossithedog@cyberplace.social"><img src="https://gnusocial.jp/avatar/38360-48-20250225114715.webp" width="48" height="48" alt="Kevin Beaumont" style="position: absolute; left: 0; top: 0;">Kevin Beaumont</a><div><a href="https://cyberplace.social/@GossiTheDog/113675967388149033" rel="in-reply-to">in reply to</a></div></section><article><p>yip.  similar to the CVE this time last year, I've not seen or heard of an actual incident resulting from the vuln.<br> <a href="https://infosec.exchange/@todb/113702464854067173" rel="nofollow noreferrer">https://infosec.exchange/@todb/113702464854067173</a></p></article><footer><a rel="bookmark" href="https://gnusocial.jp/conversation/2601140#notice-8290178">In conversation</a><time datetime="2024-12-23T23:35:58+09:00" title="Monday, 23-Dec-2024 23:35:58 JST">about 3 months ago</time> <span>from <span><a href="https://cyberplace.social/@GossiTheDog/113702636243093457" rel="external" title="Sent from cyberplace.social via ActivityPub">cyberplace.social</a></span></span><a href="https://cyberplace.social/@GossiTheDog/113702636243093457">permalink</a><h4>Attachments</h4><ol><li><article><header><div>No result found on File_thumbnail lookup.</div><h5><a href="https://infosec.exchange/@todb/113702464854067173">Tod Beardsley :thinkerguns: (@todb@infosec.exchange)</a></h5><div> from <span>Tod Beardsley :thinkerguns:</span></div></header><div>Near as I can tell, the activity around the #Struts2 bug, 
CVE-2024-53677, is just ham-handed runs of some generalized PoC, and nobody's actually exploiting this yet (since exploitation would be very application/path specific).Most of the news last week was all "exploitation happening, patch and rewrite everything now!" but not seeing any reports of successful (or even possibly successful) this morning.Tell me I'm wrong!(The PoC identified by SANS at https://isc.sans.edu/diary/31520 isn't specific to some particular application -- it's on the user to define `upload_endpoint` and assumes no auth or session or anything.)</div><footer></footer></article></li></ol></footer></blockquote>

Corresponding Notice

Embed this notice
Kevin Beaumont (gossithedog@cyberplace.social)'s status on Monday, 23-Dec-2024 23:35:58 JST Kevin Beaumont
in reply to
yip. similar to the CVE this time last year, I've not seen or heard of an actual incident resulting from the vuln.
https://infosec.exchange/@todb/113702464854067173
In conversationabout 3 months ago from cyberplace.socialpermalink
Attachments
1. No result found on File_thumbnail lookup.
  Tod Beardsley :thinkerguns: (@todb@infosec.exchange)
  from Tod Beardsley :thinkerguns:
  Near as I can tell, the activity around the #Struts2 bug, CVE-2024-53677, is just ham-handed runs of some generalized PoC, and nobody's actually exploiting this yet (since exploitation would be very application/path specific). Most of the news last week was all "exploitation happening, patch and rewrite everything now!" but not seeing any reports of successful (or even possibly successful) this morning. Tell me I'm wrong! (The PoC identified by SANS at https://isc.sans.edu/diary/31520 isn't specific to some particular application -- it's on the user to define `upload_endpoint` and assumes no auth or session or anything.)

Public

Embed Notice

HTML Code

Corresponding Notice