Network Security, Patch/Configuration Management, Vulnerability Management

Following Equifax breach, FBI issues flash alert for Apache Struts flaws

The FBI issued a flash alert warning organizations to patch the Apache Struts vulnerabilities, noting that they had enabled an unnamed corporate breach.

Although the victim is unnamed, researchers believe the notification refers to the Equifax breach, in which the vulnerability was remotely exploited by an attacker to deploy web shells that allowed wide access within the compromised network, according to a Sept. 29 alert obtained by Cyberscoop.

The vulnerability referred to in the alert was CVE-2017-5638, which could allow an attacker to remotely run code on a web server, access files and bypass security controls by sending unauthenticated web requests to an unpatched machine.

“These vulnerabilities affect numerous industries, including financial firms and third-party vendors on which financial firms rely,” the alert said. “Vulnerabilities associated with Apache Struts can exist on Web applications hosted on traditional servers as well as be embedded in hardware devices such as multifunction printers which support a Web interface for configuration and management.”

Equifax executives were notified of the vulnerabilities and twice searched the company's networks for any issues, only to leave the flaw unpatched in its Consumer Dispute Portal. The alert urges companies to take proactive steps to prevent similar attacks.
