A recently patched Apache Struts 2 vulnerability, tracked as CVE-2017-5638, has been exploited by crooks in the wild to deliver the Cerber ransomware. The remote code execution vulnerability affected the Jakarta-based file upload Multipart. vulnerability was documented in Rapid7s Metasploit Framework GitHub site. The attackers targeted both Unix and Windows systems to establish backdoor or to infect the system with a DDoS trojan. The recent campaign spotted by researchers at F5 Networks targeted Windows machines.”]
Source: http://securityaffairs.co/wordpress/57789/cyber-crime/apache-struts-cerber-ransomware.html