The CVE-2017-5638 Apache Struts 2 command execution flaw affects Cisco products


On Friday, Cisco confirmed that at least some of its products are affected by an Apache Struts 2 command execution vulnerability tracked as CVE-2017-5638. The CVE-2017-5638 remote code execution zero-day has been exploiting by attackers in the wild, it affects Struts 2.3.5 through 2.3.31 and Struts 2.5 through 2.5.10.

Source: The CVE-2017-5638 Apache Struts 2 command execution flaw affects Cisco products