File upload logic in Apache Struts is flawed. Rated critical severity (CVSS 9.5), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.
Atlassian
RCE
Apache
File Upload
Struts
NVD
CVSS 4.0
9.5
EPSS
78.2%
confidentiality, integrity of the controller when an unauthenticated crafted Modbus packet is sent to the device. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Denial Of Service
NVD
CVSS 4.0
9.3
EPSS
0.6%