In Apache Struts 2.0.0 through 2.3.33 and 2.5 through 2.5.10.1, using an unintentional expression in a Freemarker tag instead of string literals can lead to a RCE attack.

Continuous attack surface discovery, validated security testing, and rapid reaction to zero-days.

A live walkthrough of how teams use ZeroVault to find and fix what attackers actually exploit.

Learn about our mission, technology, and how we help organizations stay protected against modern cyber threats.

Our mission, our people, and how we partner with security teams across the world.

Ready to See Your True Attack Surface?

Join thousands of security teams who trust ZeroVault to discover vulnerabilities before attackers do. Get started with a personalized demo.

Complete visibility into your external attack surface. Discover vulnerabilities before attackers do.