Advisories & Alerts

  • [SingCERT] Apache Struts2 Possible Remote Code Execution 09 March 2017

    Background

    On 7th March 2017, the Apache Software Foundation issued an emergency security alert for CVE-2017-5638 (Apache Struts2 S2-045).

    Apache Struts is an open-source project of the Apache Foundation Jakarta project team which adopts an MVC framework for developers to develop Java web applications.

    Apache Struts is exposed to a high-risk remote command execution (RCE) vulnerability. It has been reported that the vulnerability is being actively exploited on a wide scale since it is relatively easy to exploit. SingCERT has found numerous unpatched Apache Struts websites in Singapore that are affected. There are potentially many more websites that have not been patched and are therefore vulnerable.

  • [SingCERT] Threat Alert on Cloudflare CloudBleed 24 February 2017

    Last updated on 7 March 2017, 15:13

    On 18 February 0032 GMT, a critical system vulnerability caused by a parser bug was reported to Cloudflare. On 18 February 0722, Cloudflare determined the root cause and turned off three of its features (namely Email Obfuscation, Server-side Excludes and Automatic HTTPS Rewrites) that were using the same HTML parser chain which caused the leak.

  • [SingCERT] Threat Alert: Compromised WordPress Websites due to Outdated WordPress Versions 08 February 2017

    Over the past 3 days, SingCERT has observed an increase in defacements affecting websites hosted in Singapore, as well as .sg websites hosted both locally and overseas, running WordPress version 4.7.1 and earlier versions. Based on initial investigations by SingCERT, this was a result of exploitation of a WordPress vulnerability