Apache Struts Denial of Service Vulnerability

Release Date: 13 Jan 2026

RISK: Medium Risk

TYPE: Servers - Web Servers

TYPE: Web Servers

A vulnerability was identified in Apache Struts. A remote user can exploit this vulnerability to trigger a denial of service condition, sensitive information disclosure and security restriction bypass on the targeted system.

 


Impact

  • Denial of Service
  • Security Restriction Bypass
  • Information Disclosure

System / Technologies affected

  • Struts 2.0.0 through Struts 2.3.37 (EOL)
  • Struts 2.5.0 through Struts 2.5.33 (EOL)
  • Struts 6.0.0 through Struts 6.1.0

Solutions

Before installing the software, please visit the software manufacturer's website for more details.

  • Upgrade to Struts 6.1.1 or later
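
To find deployments covered by the version ranges above, the following added example (not part of the original advisory) classifies Struts core JARs by the version in their file name. It assumes the core library is deployed as `struts2-core-<version>.jar`; the function names and sample paths are constructed for illustration.

```python
import re
from pathlib import Path

# Affected ranges exactly as listed in the advisory (inclusive bounds).
AFFECTED = [
    ((2, 0, 0), (2, 3, 37), "affected-eol"),
    ((2, 5, 0), (2, 5, 33), "affected-eol"),
    ((6, 0, 0), (6, 1, 0), "affected"),
]
FIXED = (6, 1, 1)  # minimum version named under Solutions

# Assumption: the core artifact is named struts2-core-<version>[-qualifier].jar.
JAR_RE = re.compile(r"^struts2-core-(\d+(?:\.\d+){1,3})(?:[-.][A-Za-z0-9]+)*\.jar$")

def parse_version(text):
    """Turn '2.3.16.3' into (2, 3, 16, 3); pad short versions to three parts."""
    parts = [int(p) for p in text.split(".")]
    return tuple(parts + [0] * (3 - len(parts)))

def classify(version_text):
    """Return 'affected', 'affected-eol', 'fixed' or 'not-listed'."""
    # Compare on the first three components so four-part releases such as
    # 2.3.16.3 still fall inside the 2.0.0 - 2.3.37 range.
    v = parse_version(version_text)[:3]
    for low, high, verdict in AFFECTED:
        if low <= v <= high:
            return verdict
    return "fixed" if v >= FIXED else "not-listed"

def scan(paths):
    """Map each Struts core JAR path to its verdict; other files are ignored."""
    results = {}
    for p in paths:
        m = JAR_RE.match(Path(p).name)
        if m:
            results[str(p)] = classify(m.group(1))
    return results

if __name__ == "__main__":
    # Constructed sample paths, not taken from any real system.
    sample = [
        "/opt/app1/WEB-INF/lib/struts2-core-2.5.33.jar",
        "/opt/app2/WEB-INF/lib/struts2-core-6.1.0.jar",
        "/opt/app3/WEB-INF/lib/struts2-core-6.1.1.jar",
    ]
    for path, verdict in scan(sample).items():
        print(f"{verdict:13} {path}")
```

A file name can be changed or the library can be repackaged inside another archive, so treat a clean result as a starting point and confirm against the build's dependency manifest.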

Vulnerability Identifier


Source


Related Link