CVE-2025-24813
Description
Path Equivalence: 'file.Name' (Internal Dot) leading to Remote Code Execution and/or Information Disclosure and/or malicious content added to uploaded files via the write-enabled Default Servlet in Apache Tomcat.

This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.2, from 10.1.0-M1 through 10.1.34, from 9.0.0.M1 through 9.0.98. The following versions were EOL at the time the CVE was created but are known to be affected: 8.5.0 through 8.5.100. Other, older, EOL versions may also be affected.

If all of the following were true, a malicious user was able to view security sensitive files and/or inject content into those files:
- writes enabled for the default servlet (disabled by default)
- support for partial PUT (enabled by default)
- a target URL for security sensitive uploads that was a sub-directory of a target URL for public uploads
- attacker knowledge of the names of security sensitive files being uploaded
- the security sensitive files also being uploaded via partial PUT

If all of the following were true, a malicious user was able to perform remote code execution:
- writes enabled for the default servlet (disabled by default)
- support for partial PUT (enabled by default)
- application was using Tomcat's file based session persistence with the default storage location
- application included a library that may be leveraged in a deserialization attack

Users are recommended to upgrade to version 11.0.3, 10.1.35 or 9.0.99, which fixes the issue.
POC
Reference
- https://github.com/absholi7ly/POC-CVE-2025-24813/blob/main/README.md
- https://www.vicarius.io/vsociety/posts/cve-2025-24813-detect-apache-tomcat-rce
- https://www.vicarius.io/vsociety/posts/cve-2025-24813-mitigate-apache-tomcat-rce
- https://www.vicarius.io/vsociety/posts/cve-2025-24813-tomcat-detect-vulnerability
- https://www.vicarius.io/vsociety/posts/cve-2025-24813-tomcat-mitigation-vulnerability
Github
- https://github.com/0xMarcio/cve
- https://github.com/0xsyr0/OSCP
- https://github.com/137f/PoC-CVE-2025-24813
- https://github.com/AMatheusFeitosaM/OSCP-Cheat
- https://github.com/ARPSyndicate/cve-scores
- https://github.com/Alaatk/CVE-2025-24813-POC
- https://github.com/AlperenY-cs/CVE-2025-24813
- https://github.com/Andromeda254/cve
- https://github.com/Anomaly-8/ZPOZAS_lab2
- https://github.com/AsaL1n/CVE-2025-24813
- https://github.com/B1gN0Se/Tomcat-CVE-2025-24813
- https://github.com/Bryant001/Kenna_Connector
- https://github.com/CEAlbez/CVE-2025-24813-PoC
- https://github.com/Eduardo-hardvester/CVE-2025-24813
- https://github.com/Erosion2020/CVE-2025-24813-vulhub
- https://github.com/FY036/cve-2025-24813_poc
- https://github.com/Franconyu/Poc_for_CVE-2025-24813
- https://github.com/GadaLuBau1337/CVE-2025-24813
- https://github.com/GhostTroops/TOP
- https://github.com/GongWook/CVE-2025-24813
- https://github.com/Heimd411/CVE-2025-24813-noPoC
- https://github.com/J1ezds/Vulnerability-Wiki-page
- https://github.com/La3B0z/CVE-2025-24813-POC
- https://github.com/Leviticus-Triage/ChromSploit-Framework
- https://github.com/MOCSCTF/cli-AI-assist
- https://github.com/Makavellik/POC-CVE-2025-24813-Apache-Tomcat-Remote-Code-Execution
- https://github.com/Mattb709/CVE-2025-24813-PoC-Apache-Tomcat-RCE
- https://github.com/Mattb709/CVE-2025-24813-Scanner
- https://github.com/MuhammadWaseem29/CVE-2025-24813
- https://github.com/N0c1or/CVE-2025-24813_POC
- https://github.com/Olabanji10/Apache-GOExploiter
- https://github.com/Ostorlab/KEV
- https://github.com/PuddinCat/GithubRepoSpider
- https://github.com/Sachinart/vbulletin-rce
- https://github.com/Shivshantp/CVE-2025-24813
- https://github.com/Sincan2/mhl
- https://github.com/Threekiii/Awesome-POC
- https://github.com/Threekiii/CVE
- https://github.com/VishuGahlyan/OSCP
- https://github.com/abhas9/cve-default-exploitability
- https://github.com/absholi7ly/POC-CVE-2025-24813
- https://github.com/being1943/my_rss_reader
- https://github.com/beyond-devsecops/CVE-2025-24813
- https://github.com/brs6412/CVE-2025-24813
- https://github.com/cchopin/CVE-Arsenal-Lab
- https://github.com/charis3306/CVE-2025-24813
- https://github.com/cyglegit/CVE-2025-24813
- https://github.com/diegopacheco/Smith
- https://github.com/drcrypterdotru/Apache-GOExploiter
- https://github.com/f8l124/CVE-2025-24813-POC
- https://github.com/fatkz/CVE-2025-24813
- https://github.com/fkie-cad/nvd-json-data-feeds
- https://github.com/gregk4sec/CVE-2025-24813
- https://github.com/gregk4sec/cve
- https://github.com/hakankarabacak/CVE-2025-24813
- https://github.com/horsehacks/CVE-2025-24813-checker
- https://github.com/iSee857/CVE-2025-24813-PoC
- https://github.com/iamthefrogy/BountyHound
- https://github.com/imbas007/CVE-2025-24813-apache-tomcat
- https://github.com/intruderlabs/tomcatch
- https://github.com/issamjr/CVE-2025-24813-Scanner
- https://github.com/jitmondal1/OSCP
- https://github.com/m3n0sd0n4ld/uCVE
- https://github.com/maliqto/PoC-CVE-2025-24813
- https://github.com/manjula-aw/CVE-2025-24813
- https://github.com/mbanyamer/Apache-Tomcat---Remote-Code-Execution-via-Session-Deserialization-CVE-2025-24813-
- https://github.com/megabyte-b/Project-Ares
- https://github.com/michael-david-fry/Apache-Tomcat-Vulnerability-POC-CVE-2025-24813
- https://github.com/msadeghkarimi/CVE-2025-24813-Exploit
- https://github.com/msamil93/firewallers_capstone_project_cs564
- https://github.com/n0n-zer0/Spring-Boot-Tomcat-CVE-2025-24813
- https://github.com/nn0nkey/mytools
- https://github.com/nomi-sec/PoC-in-GitHub
- https://github.com/packetinside/CISA_BOT
- https://github.com/plzheheplztrying/cve_monitor
- https://github.com/ps-interactive/lab-cve-2025-24813
- https://github.com/rxerium/stars
- https://github.com/s-b-repo/rustsploit
- https://github.com/sentilaso1/CVE-2025-24813-Apache-Tomcat-RCE-PoC
- https://github.com/srinivasraom/cve-2025024813
- https://github.com/tanjiti/sec_profile
- https://github.com/thebringerofdeath789/CVE-2025-24813
- https://github.com/threadpoolx/CVE-2025-24813-Remote-Code-Execution-in-Apache-Tomcat
- https://github.com/tonyarris/CVE-2025-24813-PoC
- https://github.com/u238/Tomcat-CVE_2025_24813
- https://github.com/ums91/CISA_BOT
- https://github.com/w4zu/Debian_security
- https://github.com/x00byte/PutScanner
- https://github.com/x1ongsec/CVE-2025-24813
- https://github.com/yaleman/cve-2025-24813-poc
- https://github.com/yembors64632/cve_monitor_Public
- https://github.com/zhanpengliu-tencent/medium-cve
- https://github.com/zhaoolee/garss